HackerTrans
TopNewTrendsCommentsPastAskShowJobs

SIEM logging plain text secrets from workstations? Is this normal?(old.reddit.com)

2 points·by redman25·2 lata temu·1 comments
old.reddit.com
SIEM logging plain text secrets from workstations? Is this normal?

https://old.reddit.com/r/cybersecurity/comments/1ewgc48/siem_logging_plain_text_secrets_from_workstations/

1 comments

patrakov·2 lata temu
I was surprised by how many "that's OK" answers this got. All known secrets should be either masked or tokenized, which means replacing them with either asterisks or an irreversible hash of the original value.

It's a security bug if one cannot configure the masking or tokenization process. One should be able to specify the names of sensitive variables and regular expressions for known dangerous-to-log strings.