Tracking and monitoring
When you are dealing with security in your application, it is important to keep track and monitor what is happening in it. In Chapter 6, Monitoring, we implemented Sentry as a log and monitoring system and we also added Datadog as our APM, so you can use these tools to keep track of what is happening and to send you alerts.
However, what do you want to track? Let's imagine that you have a login system, this component is a good place to add your tracking. If you track each failed login for a user, you can know if somebody is trying to attack your login system.
Does your application allow users to add, modify, and delete content? Track any changes to the content so that you can detect untrusted users.
In security, there are no standards about what to track and what not to track, simply use your common sense. Our main recommendation is to create a list of sensitive points in your application that cover at least where the users can login, create content, or delete it and...