Application audit logs contain a trace of all user activity and are used to answer many different questions in different contexts. Development teams perform analysis on the logs. Security teams write threat detection logic into the logs. Customers request the logs arbitrarily. Regulatory requirements (GDPR, CCPA, etc.) dictate that you store them, but then you must delete them at some point. Your responsibility as a developer or security engineer is to ensure that the logs are useful and usable for all of these different stakeholders – and that means robust, high-quality log management tools. In this talk, we'll explain the purpose and value of audit logs, present a best practice logging checklist, and analyze a universal log reference format that you can start using today!

Justin Massey

Justin Massey is a product manager at Datadog. His experience leading the technical operations of an MSP led him to discover vulnerabilities in many companies' networks and applications. After leaving the MSP, he transitioned into the role of penetration tester and application security engineer to identify the vulnerabilities before the attackers did. Justin's current focus is on real-time security threat detection.

Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.