Security and the Twelve-Factor App - Step 11
A blog series by WhiteHat Security
October 15, 2019

Eric Sheridan
WhiteHat Security

In the previous chapter of this WhiteHat Security series, DEV/product parity was the key focus area, and relates to keeping development, staging and production as similar as possible. The security posture to adopt when striving for DEV/prod parity as you move through the Twelve-Factors is to ensure that product secrets are not shared.

Step 11 suggests treating logs as event streams.

Start with Security and the Twelve-Factor App - Step 1
Start with Security and the Twelve-Factor App - Step 2
Start with Security and the Twelve-Factor App - Step 3
Start with Security and the Twelve-Factor App - Step 4
Start with Security and the Twelve-Factor App - Step 5
Start with Security and the Twelve-Factor App - Step 6
Start with Security and the Twelve-Factor App - Step 7
Start with Security and the Twelve-Factor App - Step 8
Start with Security and the Twelve-Factor App - Step 9
Start with Security and the Twelve-Factor App - Step 10

Defining Logs in the Twelve-Factor App

12.factor.net explains that Logs, which are the stream of aggregated, time-ordered events collected from the output streams of all running processes and backing services, offer visibility into the behaviour of a running app.

A twelve-factor app never concerns itself with routing or storage of its output stream. It should not attempt to write to or manage logfiles. Instead, each running process writes its event stream, unbuffered, to stdout. During local development, the developer will view this stream in the foreground of their terminal to observe the app’s behavior.

Applying Security to Step 11

The most important security step in this factor is to log for security in such a way that anyone who is aggregating the log can easily extract the security log messages to avoid being burdened with stack traces for example.

In other words, create a log record for each security critical event with supporting information, as well as a "SECURITY" log record category to assist in aggregation.

In the final chapter we cover Step 12, which is all about admin processes and running admin/management tasks as one-off processes.

Eric Sheridan is Chief Scientist at WhiteHat Security
Share this

Related Links

www.whitehatsec.com
www.12factor.net
Security and the Twelve-Factor App - Step 1

Industry News

Check Point Software Recognized as a Leader in Email Security in Inaugural Gartner Magic Quadrant for Email Security Platforms
December 19, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).

Progress ShareFile Selected as Latest Addition to American Institute of CPAs Member Discount Program, Offering Benefits for AICPA Members
December 19, 2024

Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.

Kurrent Enterprise Edition Released
December 18, 2024

Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.

Blitzy Platform Released
December 18, 2024

Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.

Sonata Software Launches IntellQA
December 17, 2024

Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.

Sonar to Acquire Tidelift
December 17, 2024

Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.

Kindo Launches Channel Partner Program
December 17, 2024

Kindo formally launched its channel partner program.

Red Hat Enterprise Linux AI 1.3 Released
December 16, 2024

Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.

Fastly AI Accelerator Released
December 16, 2024

Fastly announced the general availability of Fastly AI Accelerator.

Amazon Q Developer Plugins for AWS Management Console Released
December 12, 2024

Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.

vFunction Releases New Functionality
December 12, 2024

vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.

Check Point Infinity XDR/XPR Achieves 100% Detection Rate in 2024 MITRE ATT&CK Evaluations
December 11, 2024

Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.

CyberArk Releases FuzzyAI
December 11, 2024

CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.

Grid Dynamics Launches Developer Portal
December 11, 2024

Grid Dynamics announced the launch of its developer portal.

LTIMindtree Partners with GitHub
December 10, 2024

LTIMindtree announced a strategic partnership with GitHub.

More Industry News