Consider adding logging and monitoring capabilities for your app. A security log could include:

* Authentication and authorization events
* Service configuration changes
* Object reads and writes
* User and group permission changes
* Elevation of role to admin

Your logs should use consistent timestamping for each event and should record the users, IP addresses, or hostnames for all logged events.