Protect application critical/sensitive log information from malicious and unauthorize attackers during software development and runtime deployment.
Software programs often generate unprotected log messages that contain critical and sensitive information about the execution flow of the software program and the data it uses during execution.
Current approaches to protect log messages have been limited to protecting log messages after the software program has generated the log messages and saved to external storage.
To reduce this exposure, a holistic approach is needed o protect log data during the development of the software programs, during the generation of software program executables, and during runtime execution of executables.
Wandi-SASL solution protects log messages in source code during software development stage, embedded in software libraries during build and integration stages, and compiled in executables during the deployed runtime stage.
Wandi-SASL is based on U.S Patent Number 12,361,116,B1:
“…provides method that protects software program audit/log messages during: development of software programs, generation of software program executables, and runtime execution of software program executables. The method separates audit/log messages from software programs, and represents audit/ log messages as id=value pairs, where the id is an identifier and the value is an audit/log message string text. To protect and prevent extraction of string text, the solution uses the id elements in the development of software programs and generation of software program executables. During runtime execution the method uses the string text to identify and extract log message arguments, protects, and stores them in fixed size circular queues storage. To prevent loss of audit/log messages the method continuously saves the content of fixed size storage and fixed size circular queues storage.”