Log, Monitor, and Alert

The application’s session management functionality should be closely integrated with its mechanisms for logging, monitoring, and alerting, in order to provide suitable records of anomalous activity and enable administrators to take defensive actions where necessary:

■ The application should monitor requests that contain invalid tokens. Except in the most trivially predictable cases, a successful attack …
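One way to implement the invalid-token monitoring described above, as an added example that is not from the original page: it counts distinct invalid token digests per source address inside a sliding window and reports the sources that reach a threshold. The event format, the `find_invalid_token_sources` name, the threshold of 3, and the 5-minute window are assumptions chosen for illustration; the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 12, 0, 0)  # constructed base time for the sample


def ev(sec, src, digest, valid):
    """Build one constructed event: (time, source IP, token digest, valid?)."""
    return (T0 + timedelta(seconds=sec), src, digest, valid)


# Constructed sample events (assumed format). A digest stands in for the
# token so that raw session tokens never have to be written to the log.
SAMPLE_EVENTS = [
    ev(0, "198.51.100.4", "9c1e", True),     # normal valid request
    ev(5, "203.0.113.7", "a001", False),     # many different invalid tokens
    ev(20, "203.0.113.7", "a002", False),
    ev(30, "192.0.2.10", "77aa", False),     # same stale token retried
    ev(35, "192.0.2.10", "77aa", False),
    ev(40, "192.0.2.10", "77aa", False),
    ev(60, "203.0.113.7", "a003", False),
    ev(90, "203.0.113.7", "a004", False),
    ev(100, "198.51.100.4", "0bad", False),  # single expired session
    ev(0, "203.0.113.9", "b001", False),     # invalid tokens spread over time
    ev(600, "203.0.113.9", "b002", False),
    ev(1200, "203.0.113.9", "b003", False),
]


def find_invalid_token_sources(events, threshold=3, window=timedelta(minutes=5)):
    """Return {source: peak distinct invalid tokens seen in any window}
    for every source whose peak reaches the threshold."""
    per_source = defaultdict(list)
    for ts, src, digest, valid in sorted(events):
        if not valid:
            per_source[src].append((ts, digest))

    alerts = {}
    for src, hits in per_source.items():
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it covers <= `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            distinct = {d for _, d in hits[start:end + 1]}
            if len(distinct) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(distinct))
    return alerts
```

Counting distinct digests rather than raw request volume keeps a client that retries one stale cookie from raising an alert.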