The Cybersecurity and Infrastructure Security Agency (CISA) today announced plans to develop and establish its own version of the Logging Made Easy (LME) tool – an open-source project that provides basic logging of security information on enrolled Windows devices.
According to the agency’s April 20 press release, LME reduces a user’s log management burden by providing integrated capabilities that generate greater transparency into operating system and network security across deployed devices.
The tool was originally developed and maintained by the United Kingdom’s National Cyber Security Centre (NCSC). The NCSC retired LME in late March to “allow the NCSC to divert resources to new initiatives designed to help protect the UK’s cyber infrastructure.”
CISA said it will build on NCSC’s successful platform, expand LME’s centralized logging capabilities, and launch the new tool to public and private sector stakeholders this summer.
“Logging Made Easy is a great resource created by our teammates at NCSC that provides basic logging of security information for Windows devices,” said CISA Director Jen Easterly.
“Given CISA’s continued focus on providing support to ‘target-rich/cyber-poor’ entities, LME is another great tool we can leverage to assist our partners,” she said. “We’re proud to take on this program which showcases, yet again, our seamless collaboration with our close partners at NCSC.”
LME is particularly useful for those that manage their organization’s catalog of Windows-based equipment and who lack the resources for a more robust commercial solution, the press release says.
“Our Logging Made Easy project has undeniably delivered results and we are proud to have supported thousands of defenders to keep their networks safe,” said Lindy Cameron, NCSC CEO. “The project’s transition to oversight from CISA will mean that existing and new users of the tool will continue to reap the significant benefits that it provides.”
Until CISA re-launches LME this summer, neither CISA nor NCSC will maintain the legacy LME tool, and the agencies have urged organizations using the unsupported version to exercise due caution during that period.