Later this year, the Logging Made Easy utility will be transferred to CISA’s GitHub page, but it won’t be supported until then.
The UK’s cybersecurity agency has discontinued funding for an open-source programme it developed to make it simpler to record security incidents on Windows operating systems and ironically called “Logging Made Easy.” The United States’ Cybersecurity and Infrastructure Security Agency, however, stepped in with a promise to maintain and update the tool not long after the U.K. declared it would stop providing support for the software.
It might be difficult to ensure that your organisation is producing, storing, and analysing the appropriate network logs. Additionally, there isn’t currently any funding designated particularly for that effort, despite the fact that federal agencies are required to collect and keep specified cybersecurity-related data. A document indicating which logs and systems agencies should give priority was made available by CISA in February.
The open-source LME tool was created by NCSC-UK in the UK and released on GitHub in 2018 as a free tool. In order to “focus on the most significant cyber security challenges” and “divert resources to new initiatives designed to help protect the U.K.’s cyber infrastructure,” the U.K. cyber agency announced in January that it would stop supporting the tool as of March 31.
The blog was updated on Thursday to reflect CISA’s new determination to take over project stewardship, with the following warning:
“Neither agency will maintain code between now and when CISA reconstitutes the tool on their GitHub page. Current users who continue to use LME during this intersessional period must maintain and update the tool independently, and do so at their own risk.”
“Our Logging Made Easy project has undeniably delivered results and we are proud to have supported thousands of defenders to keep their networks safe,” said Lindy Cameron, NCSC CEO. “The project’s transition to oversight from CISA will mean that existing and new users of the tool will continue to reap the significant benefits that it provides.
Though a specific date has not been determined, the tool will most likely be republished on CISA’s GitHub page by the end of the summer.