SF-Sherlock
Resilience via security and compliance monitoring in real-time
- Security and Compliance Monitoring
Discover SF-Sherlock
- Real-time audit & compliance data provider, and audit trail protector
Discover SF-NoEvasion
- Dump and log anonymization for all platforms
Discover SF-SafeDump
- RACF database cleanup for z/OS
Discover SF-SecuClean
- Maximum Password Security
Discover SF-LoginHood
- Unique utilities as individual solutions for z/OS
Discover SF-Utilities
SF-Sherlock optimizes maximum mainframe security and compliance as your all-in-one solution in detecting – alerting – combating and monitoring. DORA and NIS-2 readiness never been so efficient to implement.
Your mainframe platform is finally actively protected to the max by our maximum security software SF-Sherlock – a single, integrated, plug & play auditing solution. SF-Sherlock’s all-inclusive real-time configuration and event auditing software does it all. It detects, verifies and/or blocks suspicious behavior, manipulation, and fraud in both the dynamic and static functions of your entire system.
Only a few markets, like here that in Switzerland, can boast of maximum or extraordinary information protection laws and requirements. For more than a decade, the Swiss financial sector has counted on our unique software solution to both achieve and maintain maximum security.
To achieve and maintain maximum security with SF-Sherlock means:
Support of all important security standards, such as BSI Base Protection (“BSI Grundschutz”), PCI, NIST, STIG, ZeroTrust, and more
Easy “out of the box” SIEM integration, such as to Splunk, ArcSight, QRadar and more
In having constantly developed and implemented highly innovative and reliable IT security technologies for over a decade, we provide protection capabilities that are unique worldwide. No wonder we are partners with the world’s largest companies and institutions in successfully achieving and maintaining maximum secure environments.
You are aware of today’s risks and dangers
and therefore place a very high value on maximum IT security to protect your company’s major assets. In the era of the Internet and
You know the current, strict legal regulations and recommendations
such as Basel II, IT Baseline Protection Manual (German Federal Office for Information Security), Sarbanes Oxley (SOX), U.S. DOD Regulations, Gramm Leach Bliley Act (GLBA), KonTraG, RS FAIT 1, HIPAA Security, 95/46/EC Data Protection Directive, etc. and the certification criteria according to ISO or BS. These standards require your company to apply precise, efficient and effective measures for securing all IT-based processes and related audit trails, including the underlying technology, against internal and external attacks. You also need to have clear evidence of relief to customers, shareholders
You regard security, quality and cost efficiency as extremely important competitive factors.
You know that only with increased quality and the highest level of automation in your daily work processes can you achieve the required highest level of productivity. Accomplishing this will give you the flexibility and time necessary to meet the actual business challenges and opportunities which the future brings.
You want a single solution
that performs all the necessary tasks, such as monitoring events, examining the weak areas of your system by a constant vulnerability assessment, and practically covering the complete technological spectrum of the mainframe platform. At the same time, at your desired level of increased value, this solution should allow for daily application and organized cooperation from all different departments, from the technical level up to the highest level of management.
You also demand openness to integration
into company-wide, cross-platform security management and audit solutions. You never want to doubt your investments in these areas. The solution you aim for should indeed consistently support your interests, also within the scope of ITIL, COBIT, BS7799, ISO 27001, DORA, NIS-2, among others.
Solution:
SF-Sherlock Real-time security and Quality Monitoring
Technology
SF-Sherlock represents the
The demand for action can not be denied
Since 2004, the German Federal Office for Information Security (BSI) has gone far beyond the compliance level of the U.S. Department of Defense by openly discussing the risks and defining the necessary security measures for the z/OS mainframe platform in its central security guide, the »IT Baseline Protection Manual«. The key message describes the demand for »using a real-time security monitor for z/OS systems to be able to determine security infringements faster«. Real-time monitoring for only a single isolated security aspect, such as SMF records, is still insufficient. Monitoring the entire z/OS with all its components and complex relations and details is necessary. SF-Sherlock monitors the z/OS system comprehensively and
Technology that guarantees success
The automatic and comprehensive security and quality assurance technology of SF-Sherlock fully supports the above mentioned outstanding objectives and lets your mainframe platform comply with all the different legal regulations and requirements. With SF-Sherlock, not only do you meet the necessary requirements, you also accomplish both total quality assurance and comprehensive protection. SF-Sherlock paves the secure way
Productivity that guarantees success
Security and quality automation with SF-Sherlock is the answer to the new z application fields in the era of the internet and E-business.
Compliance
Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.
Protection
With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!
SF Solutions
All SF solutions are invented and developed in-house. Therefore, you can count on both our unique expertise and our high level of motivation in providing you with solutions and services with maximum performance, effectiveness, and productivity.
Are you expecting a governmental audit of your mainframe platform soon, as
by the BaFin, ECB, or one of
the “Big Four”?
Let us help you prepare your mainframe security and compliance.
+800 - 37 333 853 or simply dial: +800 - DRFEDTKE
Call our world-wide toll-free number now!
(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011)
News & IT Security Forum
Mainframe penetration testing
by sfeisadmin | Jun 13, 2025 | News
Together with leading-edge co-authors, such as Nina Wagner from Mind-Bytes, we wrote a new book about penetration testing. Published by Springer in German, it covers all aspects relevant to successfully performing pentests in the context of DORA, NIS-2 and other regulatory requirements. The book also includes access to online courses on the Springer Iversity platform.
“Forensic Swiss Knife for z/OS” – become DORA- and FINMA-ready
by sfeisadmin | Apr 28, 2025 | News
DORA and FINMA sustainably increase the demands on IT security and resilience. One aspect of the proactive regulations concerns the more negative situations and aspects of an incident and how to deal with them, known as incident management. Such an incident necessitates a short-term, in-depth forensic analysis. The results of this analysis must be profound. Why? Since the decision on the restore point may be based on them. And don’t forget the stress level in such a situation. In the case of the mainframe, the logs and events kept online in the SIEM are often not 100% and potentially insufficient for the required deep-level analysis. Why? Because the total volume of data would often be too large for a truly complete SIEM delivery. What consequences does this have for DORA-related incident management? Your IT must always be able to provide the forensics team with the complete inventory of forensic data at short notice for selective periods of time, in an environment that is familiar to them and therefore performs well in terms of analysis. This is usually the SIEM, such as Splunk, ArcSight or QRadar, and not the TSO ISPF environment.
To support your mainframe environment with regard to this DORA aspect, SF-Sherlock’s PTF Level 095 also includes a “Forensic Swiss Knife for z/OS.” This allows you to prepare for this situation in accordance with DORA and FINMA. It works ON REQUEST to provide the SIEM with 100% of the necessary forensic data for a selected date and time range. It’s desgined to work even if top specialists are unavailable. The only step you need to take is to create the corresponding documentation in the operating manual. Such incident-related SIEM 100% filling should also always be part of the emergency drills required by DORA and FINMA.
Join our newsletter list
Stay updated with our news and events.
Worldwide toll-free phone number
+800 - 37 333 853
or simply dial:
+800 - DRFEDTKE
Alternatively:
+41 (0)41 710 7444
(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)
Find Us
Headquarters
Seestrasse 3a, 6300 Zug, Switzerland
Visitors & Training
Dammstrasse 19, 6301 Zug, Switzerland
Social Media
Write Us
Marketingmarketing@enterprise-it-security.comcopy the address
Technical support and hotline
hotline@enterprise-it-security.com
copy the address
Legal and compliance legal@enterprise-it-security.com
copy the address