Security and compliance monitoring in real- time
- Security and Compliance Monitoring
- Real-time audit & compliance data provider, and audit trail protector
- dump and log anonymization for all platforms
- RACF database cleanup for z/OS
- Maximum Password Security
- Unique utilities as individual solutions for z/OS
SF-Sherlock optimizes maximum mainframe security and compliance as your all-in-one solution in detecting – alerting – combating and monitoring.
Your mainframe platform is finally actively protected to the max by our maximum security software SF-Sherlock – a single, integrated, plug & play auditing solution. SF-Sherlock’s all-inclusive real-time configuration and event auditing software does it all. It detects, verifies and/or blocks suspicious behavior, manipulation, and fraud in both the dynamic and static functions of your entire system.
Only a few markets, like here that in Switzerland, can boast of maximum or extraordinary information protection laws and requirements. For more than a decade, the Swiss financial sector has counted on our unique software solution to both achieve and maintain maximum security.
To achieve and maintain maximum security with SF-Sherlock means:
In having constantly developed and implemented highly innovative and reliable IT security technologies for over a decade, we provide protection capabilities that are unique worldwide. No wonder we are partners with the world’s largest companies and institutions in successfully achieving and maintaining maximum secure environments.
You are aware of today’s risks and dangers
and therefore place a very high value on maximum IT security to protect your company’s major assets. In the era of the Internet and
You know the current, strict legal regulations and recommendations
such as Basel II, IT Baseline Protection Manual (German Federal Office for Information Security), Sarbanes Oxley (SOX), U.S. DOD Regulations, Gramm Leach Bliley Act (GLBA), KonTraG, RS FAIT 1, HIPAA Security, 95/46/EC Data Protection Directive, etc. and the certification criteria according to ISO or BS. These standards require your company to apply precise, efficient and effective measures for securing all IT-based processes and related audit trails, including the underlying technology, against internal and external attacks. You also need to have clear evidence of relief to customers, shareholders
You regard security, quality and cost efficiency as extremely important competitive factors.
You know that only with increased quality and the highest level of automation in your daily work processes can you achieve the required highest level of productivity. Accomplishing this will give you the flexibility and time necessary to meet the actual business challenges and opportunities which the future brings.
You want a single solution
that performs all the necessary tasks, such as monitoring events, examining the weak areas of your system by a constant vulnerability assessment, and practically covering the complete technological spectrum of the mainframe platform. At the same time, at your desired level of increased value, this solution should allow for daily application and organized cooperation from all different departments, from the technical level up to the highest level of management.
You also demand openness to integration.
SF-Sherlock Real-time security and Quality Monitoring
SF-Sherlock represents the
The demand for action can not be denied
Since 2004, the German Federal Office for Information Security (BSI) has gone far beyond the compliance level of the U.S. Department of Defense by openly discussing the risks and defining the necessary security measures for the z/OS mainframe platform in its central security guide, the »IT Baseline Protection Manual«. The key message describes the demand for »using a real-time security monitor for z/OS systems to be able to determine security infringements faster«. Real-time monitoring for only a single isolated security aspect, such as SMF records, is still insufficient. Monitoring the entire z/OS with all its components and complex relations and details is necessary. SF-Sherlock monitors the z/OS system comprehensively and
Technology that guarantees success
The automatic and comprehensive security and quality assurance technology of SF-Sherlock fully supports the above mentioned outstanding objectives and lets your mainframe platform comply with all the different legal regulations and requirements. With SF-Sherlock, not only do you meet the necessary requirements, you also accomplish both total quality assurance and comprehensive protection. SF-Sherlock paves the secure way
Productivity that guarantees success
Security and quality automation with SF-Sherlock is the answer to the new z application fields in the era of the internet and E-business.
Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.
With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!
All SF solutions are invented and developed in-house. Therefore, you can count on both our unique expertise and our high level of motivation in providing you with solutions and services with maximum performance, effectiveness, and productivity.
Are you expecting a governmental audit of your mainframe platform soon, as
by the BaFin, ECB, or one of
the “Big Four”?
Let us help you prepare your mainframe security and compliance.
++800 - 37 333 853 or simply dial: ++800 - DRFEDTKE
Call our world-wide toll-free number now!
(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)
News & IT Security Forum
Begin of april we launch SF-Sherlock’s Continuous Delivery Level 089. It provides a broad spectrum of new and innovative monitoring, protection and alerting capabilities. For example, the policy compliance checker contributes new “superpower” to the SF-Sherlock performance. This new level also supports your cost savings by adapting the SF-Sherlock workload to the “Tailored Fit Pricing.”
If you look back along the evolutionary steps of mainframe security, APF libraries play a leading role – due to their “superpower.” Until the 1980s, “almost anyone” working on a mainframe was able and allowed to define one themselves. In most cases, there was no APF library protection at all. Then there was a phase where APF-related auditing received more and more attention, and correspondingly became an important audit issue.
The attention that “APF” received as a security risk has continued to increase over time. Today, it has almost reached the highest level of awareness: only a very few members of a company’s mainframe team are allowed to define a new APF library or update existing ones. Any such action requires prior permission, not just some documentation after it has happened. On our customer visits, we have seen companies where a new APF library requires not only an official change request, but up to “5 signatures.” Otherwise, you lose your job. Correspondingly, relentless monitoring and compliance reporting has become standard for the “APF” risk, resulting in real-time security alerts by a SIEM if corresponding rules are bypassed.
So far, so good. Now that there is great awareness of “APF,” the question will be if the entire mainframe security mission has now been accomplished? Or what’s the next superpower, following “APF,” that mainframe users need to focus on?
Based on our worldwide penetration testing experience, we have determined that “System REXX” and “BCPii” are two further members of the superpower league; both are good candidates for becoming the next “big focus.” In recent years, both z/OS features have been improved so that they are now “easy-to-use” functions. But there is no free lunch. As a consequence, highly critical operations became minimally complex, and you have to “pay” the price for setting up gap-free security measures. User-friendly and easy-to-use superpower features are an invitation to attackers. Complexity is a kind of protection. Compared to assembler programming or disassembling machine code, REXX programming is pretty trivial!
This is why SF-Sherlock focuses intensively on both of these areas. Please feel free to contact us to discuss additional details of what is necessary to properly protect System REXX and BCPii.
Join our newsletter list
Stay updated with our news and events.
Worldwide toll-free phone number
+800 - 37 333 853
or simply dial:
+800 - DRFEDTKE
+41 41 710 7444
(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)