Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit logging? Alex Szlavik #2606

Open
Tracked by #2438
gak opened this issue Sep 3, 2024 · 1 comment
Open
Tracked by #2438

Audit logging? Alex Szlavik #2606

gak opened this issue Sep 3, 2024 · 1 comment
Labels
security relates to security (regardless of priority)

Comments

@gak
Copy link
Contributor

gak commented Sep 3, 2024

No description provided.

@gak gak mentioned this issue Sep 3, 2024
Open
20 tasks
@github-actions github-actions bot added the triage Issue needs triaging label Sep 3, 2024
@ftl-robot ftl-robot mentioned this issue Sep 3, 2024
Open
@gak gak added security relates to security (regardless of priority) and removed triage Issue needs triaging labels Sep 3, 2024
@AlexSzlavik
Copy link
Contributor

Audit logging is a fundamental component for any forensic activity. Understanding who or what performed which action, with nonrepudiation and integrity is especially important for financial services. The key part here is that the logging should persist for a long time (indefinitely) and have strong integrity to be valuable. Append only data stores have been used to accomplish this in some places. Requirements here are generally that we want to capture what identity, perform which action. A good place to start is anything administratively in FTL, like deployments, scaling pods, accessing secrets or configs etc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security relates to security (regardless of priority)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gak @AlexSzlavik