Does the system collect these events and logs?

  • All security events
  • Logs of all system components that store, process, or transmit sensitive data
  • Logs of all critical system components
  • Logs of all servers and system components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.).
  • Logs of all non-system components that relate to risk management

And does Amity has a process to review these daily?

thanks for asking and sorry for the late reply. Currently we don’t collect any sensitive data, and we emit events to event hub for most user actions. and we track the log when a system component is altered.