Refuel your enterprise audit solution with the most comprehensive and complete z/OS audit data

Plug & play SIEM connector for your z/OS mainframes (e.g. Splunk, ArcSight, QRadar, etc.

Ultimate hardening, streamlining and consolidation of your audit & security trails.

Log –  Block – Modify.

Allows for the replacement of password and security exits

Target your true auditing & security enemies!

Systems and processes never tell you the whole story. But complete and authentic logs are a prerequisite for both proper IT operation and complete auditing & compliance – including effective detection of fraud and abuse. You may not believe this, but much of the essential and highly critical activity on your recognized z/OS mainframe simply does not come to your attention since it is not logged or properly protected.

The triad of smart and smooth z/OS command and system service verification includes logging, blocking and modifying.
SF-NoEvasion for z/OS allows for the ultimate hardening and transparency of your audit trails with regards to the suppression of information, bypassing, fraud and abuse. It also improves and enhances critical security controls to allow for highly precise and flexible decisions about how they are to be used! Become the boss by finally knowing the complete story on what’s happening on your z platform!

The plug & play Real-Time Sniffer, Spool Monitor, File Watcher, Universal Log Scanner and Event Forwarder finally lets you feed all your security and compliance monitoring applications with event data – with utmost completeness and speed. The included PC-based system for Security Information and Event Management (SIEM) provides a high-performance audit workflow. As an option, it lets you also include events of non-mainframe platforms, such as Windows, UNIX, Linux, etc.

Highest security and compliance levels for the z/OS mainframe platform are requestedAll security and compliance standards, like SOX, PCI, ISO, FERC, DOD, HiPAA, etc., claim full (100%) transparency and the ability to audit completely all processes in your company’s IT. Missing audit information represents a top-level risk, implying the impossibility of effectively detecting fraud, abuse and non-compliant behavior.

But how can incomplete logs be possible on platforms that have received the highest levels of [security] certifications? Your fear is reasonable! Various processes may be involved, such as invalid system configurations, critical system services supporting “no logging” features, tricky log suppression, bypassed security mechanisms, and much more. High-value compliance certifications may easily become invalidated in cases of incomplete audit data. Skilled software vendors, staff, or parties with malicious intent may easily dupe you by hiding the “actual truth”, and, furthermore, putting into question your company’s compliance and the legal protections of your auditing.

SF-NoEvasion profits from the experience of having penetrated and assessed mainframes for over a decade to achieve extremely secure environments.


It provides comprehensive and smart command and system service verification to completely audit and protect all critical z/OS components, including Security Server (RACF), user authentication, user password change, console commands, FTP, and much more. At last, you no longer have to put up with any potential weaknesses in your audit trails, and you can finally achieve the highest level of automated controls and completeness in your compliance strategy!

Finally, you know all of what’s involved in becoming really compliant and secure!

Automate your IT Security and Compliance to the max today!

Solutions to the max.

Cross-Platform Security Solutions

Constant monitoring and auditing of all computer systems is state of the art. For large enterprises it also requires a real-time integration of the mainframe platforms governing event monitoring, vulnerability assessment and compliance checking. With SF-Sherlock and SF-NoEvasion, your security monitoring solution is powerful and can be implemented across your enterprise through the easy integration of the mainframe.


Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.


With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

Are you expecting a governmental audit of your mainframe platform soon, as by the BaFin or ECB?

Let us help you prepare your mainframe security and compliance.

++800 - 37 333 853 or simply dial: ++800 - DRFEDTKE

Call our world-wide toll-free number now!

(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)

News & IT Security Forum

10/2018 – SF-DeepDive – new due diligence (DD) software package for mainframe outsourcers

When it comes to making decisions about the future of a mainframe, outsourcing is one option to consider. Of course, both sides involved in such a step have their own interests, and there is even tough competition among today’s outsourcing service providers.

The new SF-DeepDive due diligence (DD) software package provides exactly what a mainframe outsourcer needs to get a clearer insight into given systems in a short amount of time.
As an option, it can be combined with local assessment services from our company.

08/2018 – SF-SafeDump supports the integration of external confidential data scanner (CDS) and data leakage prevention (DLP)

Companies dealing with extremely sensitive data often use confidential data scanner (CDS) or data leakage prevention (DLP) applications to do a general scan of all documents before they may leave house. It’s important to emphasize that such CDS and DLP solutions do not perform anonymization, but instead scan documents (files) for possible sensitive content and create a corresponding report. With SF-SafeDump’s new PTF level 017 it’s easy to exploit the performance of any CDS or DLP, namely, to double-check any anonymized dumps and log files as regards possible “leftovers.” But we don’t want to give you the wrong impression: the principal quality check, which is highly comprehensive and fully sufficient, also happens within SF-SafeDump. This means that you are safe and covered without a CDS or DLP. You should also be aware of the fact that SF-SafeDump covers many more categories of sensitive information than a CDS or DLP solution.

Overall, the integration of a given CDS or DLP solution into SF-SafeDump is fully optional. On the other hand, it’s a nice feature, since a CDS/DLP scan may increase a company’s internal level of compliance and promote good feelings while applying the “golden rule” of mandatory document scanning fully effectively to in fact any document, i.e. even to dump and log files originating from the mainframe. We will definitely support any such scenario and won’t take it “personally” if users extend the already powerful quality assurance provided by SF-SafeDump through additional review capabilities. We are confident about this, since SF-SafeDump learns from the results of the CDS or DLP. Just to be clear: it’s still the goal and duty of SF-SafeDump to leave all CDS or DLP reports empty.

With PTF Level 017, everything is provided for such an integration of a CDS or DLP application and even to fully automate the related procedures; the tools provided also solve all problems of best practice that occur within such an integration. The new PTF level 017 is now released and ready for download.


Join our newsletter list

Worldwide toll-free phone number

++800 - 37 333 853
or simply dial:
++800 - DRFEDTKE

+41 41 710 4005

(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)

Find Us


Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Social Media

Xing → Linkedin →

Write Us

copy the address

Technical support and hotline
copy the address

Legal and compliance
copy the address