Logging and auditing relationship with your security/auditors
makst at upenn.edu
Mon May 18 20:48:52 UTC 2020
Since we switched from CoSign to Shibboleth many years ago our Security/Auditing team has asked us for a variety of logging changes.
I'm curious what sorts of things the other universities are doing with their IdP to address the auditing needs of their organization.
We're struggling with the logging differences between Cosign, Cosign+Shibboleth IdP, and Shibboleth IdP by itself.
More information about the users