Security check

Security logging: can you even see when something goes wrong?

You can't respond to a breach you never detect. We assess whether your systems log the right security events, whether the logs are protected from tampering, and whether they actually make it possible to detect and investigate an incident.

Run a free domain scan All checks β†’
Relates to: ISO 27001 Β· A.8.15 logging / A.8.16 monitoring SOC 2 Β· CC7.2–CC7.3 detection NIS2 Β· art. 21 β€” detection & incident handling GDPR Β· art. 33 detection

What we check

We assess your logging and detection capability: are authentication, permission changes and critical actions logged, are logs collected centrally, are they protected from deletion/tampering, and is there alerting that actually catches an ongoing incident β€” not just data nobody looks at.

Why it matters

Logging is the prerequisite for every reporting deadline: NIS2's 24h/72h and GDPR's 72h start ticking when you detect the incident. Without the right logs you detect it late or never, and an investigation becomes impossible to carry out after the fact.

How Security Guru tests it

Common mistakes

  • Logs collected but nothing alerts on anything β€” data without detection
  • Logs stored locally where an attacker can delete them
  • No logging of permission changes and admin actions
  • Retention too short to investigate an incident after the fact

What you get in the report

  • Logging and detection capability per system
  • Critical events not logged or monitored
  • Protection and retention assessed against regulatory needs
  • Mapping to ISO A.8.15/16 / SOC 2 CC7 / NIS2

FAQ

Do you read the contents of our logs?

No β€” we assess the logging and detection capability, not the content. A deeper review can run self-hosted.

Do we need a SIEM?

Not necessarily β€” but you need central collection and alerting that actually catches an incident. We show where your level falls short.

Does this connect to incident reporting?

Yes β€” logging is the prerequisite for starting NIS2's and GDPR's reporting clock in time.

Want to know your status?

Run a free scan or order a full Security Assessment β€” prioritised, not noise.

Run a free domain scan