python |
New posts tagged Python - Qiita |
[Python] My wife forces me to book dance lessons in the middle of the night, so I'm trying to get out of it with web scraping (11. Selecting calendar dates with selenium, etc.) |
https://qiita.com/sibulabo/items/0ba7f416d58439bce35c
|
selenium |
2022-11-12 21:28:37 |
Overseas Tech |
Ars Technica |
“Dark ships” emerge from the shadow of the Nord Stream pipeline mystery |
https://arstechnica.com/?p=1897100
|
monitors |
2022-11-12 12:15:19 |
Overseas Tech |
Ars Technica |
2022 Apple TV 4K review: HDR10+ rounds out an already excellent streaming box |
https://arstechnica.com/?p=1897225
|
device |
2022-11-12 12:00:46 |
Overseas Tech |
DEV Community |
Full Stack E-commerce (myntra clone) series using Flutter, NodeJs, MongoDb and ExpressJs |
https://dev.to/devstack06/full-stacke-commerce-myntra-clone-series-using-flutter-nodejs-mongodb-and-expressjs-12f6
|
Full Stack E-commerce (myntra clone) series using Flutter, NodeJs, MongoDb and ExpressJs. Hi everyone! Here is a glimpse of recent progress of the shopping app inspired by myntra series. Created product details card. Created post APIs using nodejs/expressjs for uploading the csv/excel data of product details and storing it to mongodb. Created a get API for fetching all the products (filter based on category will be introduced soon). Integrated API with getx in flutter and plotting cards dynamically. Playlist Link. GitHub Repo. Do give a star. |
2022-11-12 12:48:57 |
Overseas Tech |
DEV Community |
8 Best Logging Practices to Keep Sensitive Data Out |
https://dev.to/pragativerma18/8-best-logging-practices-to-keep-sensitive-data-out-39p9
|
8 Best Logging Practices to Keep Sensitive Data Out

Logging is an essential part of the software development process. Debugging application and infrastructure performance has traditionally relied heavily on logs. They help to provide visibility into how our apps function across each infrastructure component. Log data includes out-of-memory errors and hard drive failures. This is really helpful information that will aid us in establishing the "why" behind an issue brought to our attention or discovered by us.

Log data frequently contains critical information about your applications, infrastructure, and databases. When compared to the security mechanisms used to control access to a production database, log security may be lacking. Furthermore, there is a significant temptation to log sensitive client data, such as names and email addresses, as a simple manner of determining who is responsible for the occurrence of an application event and generating a comprehensive audit trail when debugging. As a result, millions of people's personal information has been exposed, which is frequently discovered in organizational log files and database backups.

Whether you operate in a highly sensitive industry like health tech or finance or not, recording user PII (Personal Identifiable Information) is a compliance and security risk that has been the basis of numerous big data breaches.

In this post, we will define sensitive data, evaluate the risks of logging it, and demonstrate how to avoid this issue by adhering to best practices for logging sensitive user data. Let's dive into it.

What Does Sensitive Data Mean?

Before we go into the best practices, let's talk about what constitutes sensitive data. Sensitive data is private information that must be safeguarded against unauthorized access, such as personal information, passwords, credentials, and so on. Sensitive data can be broadly categorized as one of the following:

PII (Personal Identifiable Information): This includes information such as full names, addresses, email addresses, driver's license numbers, security pins, phone numbers, etc.
Financial Data: Bank Account Number, ATM PIN, etc.
Healthcare Data: This includes healthcare records and medical history, etc.
Passwords
IP Address, etc.

Although the data listed above is considered sensitive and is subject to compliance requirements such as GDPR (General Data Protection Regulation), PCI (Payment Card Industry Data Security Standard), and HIPAA (Health Insurance Portability and Accountability Act of), it is critical to assess data sensitivity in the context of your business and product. Consider the following question when logging any data: What will be the likely impact on my organization if this information enters into the wrong hands? If disclosing this data may harm your company's brand or consumer trust, you should regard it as sensitive information and avoid logging it.

Now that we recognize the necessity of keeping sensitive data out of logs, let's look at some best practices for logging that might assist us in doing so.

Why Should You Keep Sensitive Data Out of Your Logs?

Compliance and security are the primary reasons for keeping sensitive data out of logs. In terms of compliance, users have the right to seek information about the data acquired on them, as well as information about why their data is being held and the deletion of their data, under privacy rules. If the user data is replicated or scattered around the system via logs, database dumps, and backups, complying with any of these demands becomes exceedingly challenging.

Furthermore, logs are frequently the subject of data intrusions, resulting in unintentional data disclosures. Keeping sensitive data out of logs, for example, can greatly minimize the impact of any attack.

Now that we understand the importance of keeping sensitive data out of logs, let's learn about the best practices to follow while logging that can help in achieving this.

Best Practices for Keeping Sensitive Data Out of Your Logs

Encrypt Data in Transit

Encrypting data in transit and at rest assures that even if someone steals your log file or database dump, they will require the key to decode and use the data. Furthermore, because web servers log requests frequently, data in transit, even between internal systems, must be secured. This will help to keep encrypted sensitive data out of your records.

Isolate Sensitive Data

When you move sensitive data across your systems, such as a user's name, email address, and phone number, it is probable that some API will log it or that some system will keep it in your database. A single source of truth, such as a data privacy vault, would be a better solution to sensitive data management. A data privacy vault may help you isolate and safeguard all sensitive data within a vault, ensuring that your application never communicates sensitive data through internal APIs or stores sensitive fields within the application database. Sensitive data cannot be included in database backups, SQL logs, application logs, or server logs, since it is never present in the systems being monitored or backed up.

Tokenize Sensitive Data

When adding logs to an application, having a user identifier such as a name or an email may be very helpful in debugging and save a lot of time, so it may appear tempting, but you should avoid doing so. A simpler solution is to attach a reference to the raw value to a log record via the tokenization process. As a result, you may exchange sensitive data for a token. All application references become tokens after your sensitive data has been segregated and stored in a data privacy vault. When data isolation and tokenization are combined, you have data privacy as well as the usefulness and ease of keeping a kind of identification in your information. If necessary, you can detokenize the tokens to get the original sensitive data.

Keeping Sensitive Data Out of URLs

It's a common practice to log URL requests on web servers, and if you have a URL pattern such as users or users, the names and emails of the individuals are likely to be logged on the server, thus making it vulnerable. To mitigate this, replace the sensitive data in the URLs with an arbitrary user ID. This might be something like the user's main key, a UUID (Universally Unique Identifier), or any other form of token.

Mask or Redact Sensitive Data

In addition to tokenization, combining redaction and masking is an efficient way to keep sensitive information out of your logs. Some applications may simply require the last four digits of a credit card or social security number (SSN). Data masking is an irreversible, one-way procedure for securing sensitive data. Masking generates a version of sensitive data that seems structurally identical to the original but conceals the most sensitive data contained inside a field. Unlike masking, redaction hides all of the information within a field. There are also situations when the application doesn't need to know even the partial information; in such cases, the sensitive data can be redacted instead of masked.

You can efficiently keep sensitive data out of your logs if the recommended practices stated above are followed correctly; nonetheless, mistakes are unavoidable when people are involved. Here are some more technical best practices for avoiding logging sensitive data, to limit and eliminate human errors during logging.

Code Reviews

Because code reviews are a routine and frequent activity in software development, reviewers should ensure that there are no log statements that might reveal sensitive data while completing code reviews. If you're using a Pull Request Template, consider including a checkbox for the reviewer to ensure that they've validated the logging statements in the modifications.

Structured Logging

Structured logging converts logs into relational data sets, such as key-value pairs, rather than just text. Structured logging has the advantage of being easy to detect and evaluate. It can also aid in keeping sensitive information out of your logs. Because of JSON's simplicity and adaptability, it is an excellent choice for constructing structured log statements: log data may be retrieved and inspected automatically, but the messages remain comprehensible to people. All major computer languages support JSON logging natively or through libraries.

For example, a combined log format would look like this:

May GET downloads product HTTP Debian APT HTTP expubuntu

Whereas an example log line generated by an Nginx web server and formatted in JSON would look something like this:

time May remote ip remote user request GET downloads product HTTP response bytes referrer agent Debian APT HTTP expubuntu

In your logging process, you can utilize heuristics to determine whether any of the data set keys correlate to known sensitive data fields. If this is the case, none of these datasets should be published in the logs. Heuristics can be used to compare fields such as name, email, and password. This method isn't flawless, but it includes some automated testing.

Automated Alerts

The last stage is to create an automated service that searches existing logs for sensitive information and notifies the team if it discovers any. This may appear to be excessive or unneeded, yet it can help in the detection of system flaws. The following are some frequent points to be mentioned in alerts:

Time and date
Name of the host
Name of the application
Customer or account that was affected by the mistake
The visitor's IP address or other geographical indicators
Unprocessed exception data
The line number on which it appeared, if applicable
Error classification (fatal, warning, etc.)

Conclusion

In a nutshell, it's vital to make every effort to keep your logging system from becoming a weak link in the security and privacy of your infrastructure, whether on purpose or by accident. As a consequence, we examined eight best practices in this post that may help you and your team keep sensitive data out of your logs.

Developing an engineering culture that is aware of the hazards of recording sensitive information will help to avoid future problems. Making sure sensitive data is not logged should be a shared duty of the whole technical organization, not the sole responsibility of one person.

I hope you found it useful. Please let me know if there is anything I missed. |
2022-11-12 12:06:47 |
Overseas News |
Japan Times latest articles |
Kishida and Yoon to hold talks in Cambodia in bid to improve Tokyo-Seoul ties |
https://www.japantimes.co.jp/news/2022/11/12/national/politics-diplomacy/south-korea-japan-talks-asean/
|
Kishida and Yoon to hold talks in Cambodia in bid to improve Tokyo-Seoul ties. Kishida on Saturday also sought stronger cooperation from ASEAN members in dealing with North Korea's missile and nuclear threats. |
2022-11-12 21:04:45 |
News |
BBC News - Home |
US midterms: Senate race neck and neck as Democrat Mark Kelly wins Arizona |
https://www.bbc.co.uk/news/world-us-canada-63606917?at_medium=RSS&at_campaign=KARANGA
|
senate |
2022-11-12 12:37:52 |
News |
BBC News - Home |
Dominic Raab faces questions over aggressive behaviour claims |
https://www.bbc.co.uk/news/uk-63607491?at_medium=RSS&at_campaign=KARANGA
|
justice |
2022-11-12 12:34:19 |
News |
BBC News - Home |
Rugby World Cup: New Zealand beat England 34-31 in World Cup final |
https://www.bbc.co.uk/sport/av/rugby-union/63608984?at_medium=RSS&at_campaign=KARANGA
|
Rugby World Cup: New Zealand beat England 34-31 in World Cup final. Watch highlights as England's winning streak comes to an end in the most important game of all, as New Zealand win the World Cup for a sixth time on a historic night for women's rugby at Eden Park. |
2022-11-12 12:11:41 |
News |
BBC News - Home |
Billie Jean King Cup: Great Britain lose opening rubber to Australia |
https://www.bbc.co.uk/sport/tennis/63608672?at_medium=RSS&at_campaign=KARANGA
|
Billie Jean King Cup: Great Britain lose opening rubber to Australia. Great Britain must fight back from behind to reach the Billie Jean King Cup final after Heather Watson loses the opening rubber of the semi-final against Australia. |
2022-11-12 12:47:40 |
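Hokkaido |
Hokkaido Shimbun |
Farewell to alma mater with "thank you for your service": commemorative ceremony at Usujiri Junior High in Hakodate, closing next spring |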
https://www.hokkaido-np.co.jp/article/759760/
|
commemorative ceremony |
2022-11-12 21:17:00 |
Hokkaido |
Hokkaido Shimbun |
Second supplementary budget: 30% goes to funds, 8.5 trillion yen across 38 projects |
https://www.hokkaido-np.co.jp/article/759757/
|
supplementary budget |
2022-11-12 21:09:00 |
Hokkaido |
Hokkaido Shimbun |
Man in his 80s in Iwamizawa defrauded of 1 million yen by men claiming to be his son |
https://www.hokkaido-np.co.jp/article/759755/
|
Iwamizawa City |
2022-11-12 21:07:00 |
Hokkaido |
Hokkaido Shimbun |
274 infected in Kushiro area, 95 in Nemuro area: COVID-19 |
https://www.hokkaido-np.co.jp/article/759754/
|
Nemuro area |
2022-11-12 21:07:00 |
Hokkaido |
Hokkaido Shimbun |
<Good Picks from Eastern Hokkaido> Food and tourism |
https://www.hokkaido-np.co.jp/article/759753/
|
tourism |
2022-11-12 21:04:00 |