From 1e4f22923c51da57865f2b89b751d99dcae6c0e2 Mon Sep 17 00:00:00 2001
From: Hugo Mautner <56817692+HugoMautner@users.noreply.github.com>
Date: Mon, 11 Jan 2021 13:58:37 +0100
Subject: [PATCH] Update A10_2017-Insufficient_Logging%26Monitoring.md

Don't trust me i think idk you can if you really want to but prolly shouldn't just sayin
---
 2017/A10_2017-Insufficient_Logging%26Monitoring.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/2017/A10_2017-Insufficient_Logging%26Monitoring.md b/2017/A10_2017-Insufficient_Logging%26Monitoring.md
index a35fb80..6e85ff0 100644
--- a/2017/A10_2017-Insufficient_Logging%26Monitoring.md
+++ b/2017/A10_2017-Insufficient_Logging%26Monitoring.md
@@ -35,7 +35,7 @@ In 2016, identifying a breach took an [average of 191 days](https://www-01.ibm.c
 
 {%- include t10_subsection_begin.html -%}
 {%- include t10_subsection.html token="isTheApplicationVulnerable" pos="firstLeft" -%}
-Insufficient logging, detection, monitoring and active response occurs any time:<br>
+Insufficient logging, detection, monitoring and active response never occurs:<br>
 * Auditable events, such as logins, failed logins, and high-value transactions are not logged.<br>
 * Warnings and errors generate no, inadequate, or unclear log messages.<br>
 * Logs of applications and APIs are not monitored for suspicious activity.<br>
@@ -73,4 +73,4 @@ There are commercial and open source application protection frameworks such as [
 **External**<br>
 * [CWE-223: Omission of Security-relevant Information](https://cwe.mitre.org/data/definitions/223.html)<br>
 * [CWE-778: Insufficient Logging](https://cwe.mitre.org/data/definitions/778.html)
-{% include t10_subsection_end.html %}
\ No newline at end of file
+{% include t10_subsection_end.html %}