# A09 - Security Logging and Monitoring Failures

## Description
This category helps detect, escalate, and respond to active breaches. Without logging and monitoring, breaches cannot be detected. Insufficient logging, detection, monitoring, and active response occurs at any time.

## Common Vulnerabilities
- Missing security logs
- Inadequate log protection
- No alerting mechanism
- Logs not monitored
- Insufficient log detail
- No incident response

## Testing Approach
Verify that security-relevant events are logged, logs are protected, alerting mechanisms exist, and incident response procedures are in place.