On a similar environment to the Toolserver that I've used in the past, I've had to
log the start and end times of any non-trivial external vulnerability testing (i.e.
running Netsparker against production servers). I'm guessing these were used to
redact portions of the logs prior to security audits.
Anything we should be doing here to make life easy for the admins?
TB
Show replies by date