Young hacker smiling

We hack your software

zero false positives

Expert intelligence + specialized technology

REQ.047 Classify critical files for monitoring

This documents contains the details of the security requirements related to file management in the organization. This requirement establishes the importance of classify critical files and establish tools to monitor them in order to detect any alteration that may result in a security breach.

Requirement

The critical files must be established for each system in order to follow up its integrity.

Description

Each system has files that are necessary for its operation (master files, setting files, among others), each one of these files must be identified and tracked using tools that permanently monitor the activities carried out on them.

Implementation

Each system has a file structure that contains information about its configuration and operation, if these files are modified they can alter the execution of the system and for this reason it is important to establish a permanent monitoring of the integrity of these. The monitoring should notify the system administrator of the changes made immediately, and enable a record of the activities carried out.

Attacks

  1. An incident occurs in which a modification of critical files is identified, however it was not possible to detect in advance by not having a tool that registers the modifications in the compromised files.

Attributes

  • Layer: Application Layer.

  • Asset: Critical Files.

  • Scope: Integrity.

  • Phase: Operation.

  • Type of Control: Recommendation.

References

  1. OWASP-ASVS v3.1-1.4 Data considered sensitive in the context of the application is clearly identified.


Service status - Terms of Use