Security Audit Logging in Microservice-Based Systems: Survey of Architecture Patterns

Objective. Service-oriented architecture increases technical abilities for attacker to move laterally and maintain multiple pivot points inside of compromised environment. Microservice-based infrastructure brings more challenges security architect related internal event visibility monitoring. Properly implemented logging audit approach is a baseline operations incident management. The aim this study provide helpful resource application product architects, software operation engineers on existing patterns implement trustworthy process in microservice-based environments. Method. In paper, we conduct information threats modeling systematic review major electronic databases libraries, standards presentations at the conferences as well whitepapers industry vendors with relevant products. Results practical relevance. work based research papers analysis, identified best practices its applicability depending environment characteristic. We provided threat typical pattern system 8 threats. mitigation result 11 high-level requirements were identified. High-level can be used by order secure their products