CCC.TH09: Logs or Monitoring Data are Read by Unauthorized Users
Threat ID:CCC.TH09
Title:Logs or Monitoring Data are Read by Unauthorized Users
Description:
Unauthorized access to logs or monitoring data can provide attackers with valuable information about the system's configuration, operations, and security mechanisms. This can be used to identify vulnerabilities, plan attacks, or evade detection.
Related Features:
| ID | Title | Description |
|---|---|---|
| CCC.F03 | Access/Activity Logs | Provides users with the ability to track all requests made to or activities performed on resources for audit purposes. |
| CCC.F09 | Monitoring | Provides the ability to continuously observe, track, and analyze the performance, availability, and health of the service resources or applications. |
Related Controls:
| ID | Title |
|---|---|
| CCC.C09 | Prevent Tampering, Deletion, or Unauthorized Access to Access Logs |