Finally you can fully enforce your data leakage prevention policies by including even the trickiest and most technical data leaks in IT dump files.

Prevent confidential data leakage via dump file anonymization

N

Eliminate all confidential data from your dump files

N

Ensure that all dump files remain technically fully usable

N

Rely on a comprehensive, efficient and transparent anonymization procedure

Did you know that your company‘s IT staff sends dump files with highly confidential information to external third parties every day and thus violates elementary security policies without even knowing it?

 

What, in fact, is a dump file?

When more complex technical problems need to be solved, as in the case of an abnormally terminating (“abending”) program, application or system, software vendors will ask for a so-called “dump”, which captures every detail surrounding the error or problem. Such a dump file is a snapshot of the current status at the time of error, including all the required debug data, e.g. memory content, processor registers, any currently executed SQL statement, etc. While system programmers deal with system, memory, core or kernel dumps, application developers prefer to work with “user mode process dumps” or SQL dumps. Additional types result from other sources. Dump files easily become huge and may include a gigabyte or more of data. When browsing through a dump file you may easily feel overwhelmed by an almost infinite amount of purely technical information.

What is the security-related problem regarding dump files?

For non-specialists these files look boring, or even worse, harmless, since most of the information seems to be binary or even cryptic, i.e. in a format unreadable to humans. No one will assume that these “ugly” dump files might include highly sensitive company secrets, such as confidential client information or the security-related details of your systems.

How do secrets get into dump files?

Dump files will include confidential and revealing information when the application and system memories are captured – for debugging purposes only, of course. Such a memory dump may include client names, account or credit card numbers, and many other kinds of critical data stored for processing the moment it was made.

Solution:

SF-SafeDump – z/OS dump and log anonymization

How can you solve this high-risk security problem?

Our SF-SafeDump solution finally prevents your dump files from including confidential or security-critical data, allows them to remain completely technically usable for their actual purpose – that of solving your software problems. Our expert knowledge based on more than 15 years of experience in this field guarantees the ultimate solution to this quite tricky and hidden problem.

Your IT staff will definitely support this kind of data leakage prevention ensured by our SF-SafeDump technology!

Since fully transparent integration is ensured, SF-SafeDump always matches all current dump file handling and operational procedures established with your service partners. This means there is simply no impact on how your specialists currently transfer, compress, manage and analyze their dump files. These files simply become safe and compliant by no longer unveiling any secrets!

Finally you can fully enforce your data leakage prevention policies by including even the trickiest and most technical data leaks in IT: dump files. SF-SafeDump is the only measure preventing any information any leakage of information that may result from frequently performed dump file exchanges between software users and their vendors. SF-SafeDump lets you enforce a modern and safe information provisioning policy to provide information on a need-to-know basis. Without dump file anonymization, your information leakage prevention policy will definitely not be up-to-date.

Dump file anonymization to effectively prevent confidential data leakage and theft

Automate your IT Security and Compliance to the max today!

Solutions to the max.

Cross-Platform Security Solutions

Constant monitoring and auditing of all computer systems is state of the art. For large enterprises it also requires a real-time integration of the mainframe platforms governing event monitoring, vulnerability assessment and compliance checking. With SF-Sherlock and SF-NoEvasion, your security monitoring solution is powerful and can be implemented across your enterprise through the easy integration of the mainframe.

Compliance

Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.

Protection

With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

SF Solutions

All SF solutions are invented and developed in-house. Therefore, you can count on both our unique expertise and our high level of motivation in providing you with solutions and services with maximum performance, effectiveness, and productivity.

Are you expecting a governmental audit of your mainframe platform soon, as by the BaFin or ECB?

Let us help you prepare your mainframe security and compliance.

++800 - 37 333 853 or simply dial: ++800 - DRFEDTKE

Call our world-wide toll-free number now!

(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)

News & IT Security Forum

08/2018 – SF-SafeDump supports the integration of external confidential data scanner (CDS) and data leakage prevention (DLP)

Companies dealing with extremely sensitive data often use confidential data scanner (CDS) or data leakage prevention (DLP) applications to do a general scan of all documents before they may leave house. It’s important to emphasize that such CDS and DLP solutions do not perform anonymization, but instead scan documents (files) for possible sensitive content and create a corresponding report. With SF-SafeDump’s new PTF level 017 it’s easy to exploit the performance of any CDS or DLP, namely, to double-check any anonymized dumps and log files as regards possible “leftovers.” But we don’t want to give you the wrong impression: the principal quality check, which is highly comprehensive and fully sufficient, also happens within SF-SafeDump. This means that you are safe and covered without a CDS or DLP. You should also be aware of the fact that SF-SafeDump covers many more categories of sensitive information than a CDS or DLP solution.

Overall, the integration of a given CDS or DLP solution into SF-SafeDump is fully optional. On the other hand, it’s a nice feature, since a CDS/DLP scan may increase a company’s internal level of compliance and promote good feelings while applying the “golden rule” of mandatory document scanning fully effectively to in fact any document, i.e. even to dump and log files originating from the mainframe. We will definitely support any such scenario and won’t take it “personally” if users extend the already powerful quality assurance provided by SF-SafeDump through additional review capabilities. We are confident about this, since SF-SafeDump learns from the results of the CDS or DLP. Just to be clear: it’s still the goal and duty of SF-SafeDump to leave all CDS or DLP reports empty.

With PTF Level 017, everything is provided for such an integration of a CDS or DLP application and even to fully automate the related procedures; the tools provided also solve all problems of best practice that occur within such an integration. The new PTF level 017 is now released and ready for download.

 

07/2018 – SF-Sherlock’s new PTF level provides performance improvements for environments with massive amounts of event data (SIEM, Splunk, etc.)

SF-Sherlock, and thus also SF-NoEvasion, has passed additional intensive performance reviews – driven by z/OS installations that process huge amounts of event data within their z/OS-SIEM, log archive, or Splunk integration. Larger amounts of event data easily result from the monitoring of DB2, CICS, MQ, Webshpere as well as other subsystems.

We achieved these great results by using the latest machine instructions supported by System Z machines as well as by further improving SF-Sherlock’s “event consolidation” feature supported by the real-time sniffer. Especially if your SIEM, log archive, or operational intelligence solution is  licensed by the data volume it receives the event consolidation feature is of great benefit and will help you to reduce costs by not wasting your licensed data volume on redundant event data.

The new PTF level 080 is now released and ready for download.

Join our newsletter list

Worldwide toll-free phone number

++800 - 37 333 853
or simply dial:
++800 - DRFEDTKE

Alternatively:
+41 41 710 4005

(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)

Find Us

Headquarters

Seestrasse 3a, 6300 Zug, Switzerland

 

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

 

Social Media

Xing → Linkedin →

Write Us

Marketing
marketing@enterprise-it-security.com

copy the address

Technical support and hotline: hotline@enterprise-it-security.com

copy the address