Upcoming Webinar
Understand How Your Peers Approach AD Forest Recovery
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
Unlocking the Secrets of App Security!
In this episode of UnplugIT, Stephen Rose talks to IT expert and technology engineer Sean Hurley about how to secure apps in the cloud.
Essential Eight + Microsoft 365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.
UK Ransomware Guidelines + M365 Backup Compliance
This download allows you to demonstrate exactly how the technology you use keeps customers covered and compliant.

CISA Releases New ‘Logging Made Easy’ Tool to Detect Security Threats

Key Takeaways:

CISA has released a new Logging Made Easy (LME) tool to cater to organizations without access to a security operations center or a comprehensive SIEM solution.

LME equips security teams with event-driven logs and elastic security detection rules, empowering them to detect and counter advanced threats.

The release of Logging Made Easy (LME) currently supports Windows-based devices in on-premises environments.

The Cybersecurity and Infrastructure Security Agency (CISA) has recently released a new Logging Made Easy (LME) solution. The free tool is strategically tailored to address the unique needs of small businesses that may not have access to a dedicated security operations center or a comprehensive security information and event management (SIEM) solution.

The LME tool provides Event-driven logs that should make it easier for organizations to detect and mitigate security threats. It provides built-in elastic security detection rules that can support analysts in safeguarding their corporate assets.

“Logging is critical for proactive monitoring of threats and retroactive investigation and remediation in the event of an incident. Logging Made Easy is a tested and reliable solution that can help organizations with limited resources needing a centralized logging capability,” said Chad Poland, PM for Cyber Shared Services. “CISA is excited to offer this shared service capability to U.S. and international organizations that can help them mitigate risk and identify vulnerabilities.”

According to CISA, LME uses free software such as Docker, Ubuntu, and Elastic. The cybersecurity agency will keep a close eye on updates made by software providers to ensure uninterrupted service performance. The LME architecture is comprised of 3 groups of computers, as shown in the screenshot below:

CISA Releases New 'Logging Made Easy' Tool to Detect Security Threats

CISA has acknowledged a couple of limitations with the LME tool. As of today, the tool only works with Windows-based devices in on-premises environments. CISA plans to add support for cloud-based services (such as Windows running on virtual machines (VMs) in the future.

If you’re interested, you can download the LME tool from the official GitHub repository. However, CISA warned that it’s not a professional tool and should not be used as a SIEM (Security Information and Event Management) solution. The cybersecurity agency has announced its plans to expand the tool’s support to other operating systems in the near future.

by Rabia Noureen
Oct 31, 2023

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Streamlining SaaS Governance: How Nudge Security Simplifies Compliance and Security Management for Cloud Apps

Oct 30, 2023
Nov 03, 2023
The Dirty Truth About IT Offboarding Automation

Jul 21, 2023
Aug 25, 2023
Five Tactics Towards Achieving Zero Trust with Azure Active Directory

Aug 29, 2023
Feb 01, 2024

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.