The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Logging Made Easy (LME), a new Windows-based, free and open log management toolset designed to help organizations better use security data.
The new tool is focused on helping target rich, resource poor organizations leverage security data to detect and address cyber threats more effectively. It is an adaptation of the original Logging Made Easy tool from the United Kingdom’s National Cyber Security Centre.
“Logging is critical for proactive monitoring of threats and retroactive investigation and remediation in the event of an incident. Logging Made Easy is a tested and reliable solution that can help organizations with limited resources needing a centralized logging capability,” Chad Poland, CISA’s product manager for cyber shared services, said in a press release.
“CISA is excited to offer this shared service capability to U.S. and international organizations that can help them mitigate risk and identify vulnerabilities,” he added.
CISA said a few uses cases for LME include:
- A subject matter expert looking for vetted protective monitoring capabilities;
- A security administrator in need of a centralized logging repository;
- A chief information security officer interested in acquiring better optics on when and how their workforce is using deployed equipment;
- A cybersecurity enthusiast curious to sample threat reports and render queries that might divulge the presence of an attacker; or
- A small business owner with limited IT security tools and resources seeking a no-cost logging service.
LME is hosted on CISA’s GitHub repository and is self-installable at no cost. The agency said it will continue to develop gradual changes to the toolset over time.
