Logs contain a wealth of information about a system’s behaviour, user actions, and application performance, all of which are valuable to both stakeholders and malicious actors. Therefore, it is always best practice to consider logs as toxic, providing an appropriate rationale for their creation, securely offloading them at runtime, and ensuring they are properly redacted and destroyed after a defined retention period. Consider all environments, every flow of data in and out of the system, and the various states of data at rest and in transit. Other system services and components may also generate logs that should be considered toxic and treated with the same policies and procedures.