1. Security Guide
  2. Secure Deployments Checklist
  3. Auditing Goals

Auditing Goals

Auditing should make it easy to detemrine:

  • Who made the change? (More than information that "root" made the alteration.)

  • When was the change made? (An adequate log retention period is important.)

  • What was the purpose of the change? (If not malicious, the change was made for a reason.)