Acra. Features: Logging, audit logging and crypto-signed audit logs

Audit logs, or audit trails, capture evidence about any activity in your software solution. They keep records about who did what and the system's response.

From a data security perspective, logs are sensitive data toothey can help to see when a system was compromised, define trust scope, and reconstruct the attack (see NIST SP 800-92).

Have a look at logging in Acra.

Use Acra Community Edition for free. Check out Acra Enterprise Edition tailored for solutions with high security requirements.

8 Security logs and events

As software that works with sensitive data, Acra produces technical logs on its activity. Acra supports multiple logging formats compatible with popular logging solutions. In addition to logs, Acra supports exporting of metrics and traces.

Acras security log is specifically pre-configured to be helpful to SIEM/SOC operators in building analytics and automation around security events.

Read more about Acras logs and security events.

Cryptographically signed audit logs

Acra generates audit logs for data-related operationswho access what using which keys.

To ensure that the audit log is secure itself, Acra provides cryptographic protection and validation of exported logs to prevent tampering.

Cryptographic signature protects audit logs from unnoticed adversarial changes.

Each log message contains a special signature that depends on log content and previous log contentthus, creating a chain-of-signed-logs. This logging process guarantees that logs are created one-by-one and depend on each other.

Acras cryptographically protected audit log covers access, security events, ties sessions to consumers and extends application-level audit log with strong evidence.

As you see Acra features cover different risks and threats, while supporting each other in their mission. Combining crypto signed audit logging with ongoing automated verification shortens MTTD and MTTR on potential incidents.