Audit log policy - codemagic-ci-cd/company-handbook GitHub Wiki

Overview

At Codemagic, security logging is done by:

Using Google Cloud Logs Explorer (this is similar to ELK Elasticsearch, logstash and Kibana, which is what OWASP recommends, but natively integrated to GCP)

Policy Statements

1. All Nevercode production systems must log security-related events.

2. All logs must be securely transmitted from the production system to a dedicated audit log datastore

3. The dedicated audit log datastore must have sufficient storage capacity to retain audit logs for the required duration.

4. All audit logs must be handled according to any Privacy regulation that covers the data collected by the audit log system.

5. High-risk audit events must be regularly reviewed and any indications of a security incident identified in accordance with the Incident Response Policy