Plug & play SIEM connector for your z/OS mainframes (e.g. Splunk, ArcSight, QRadar, etc.

Target your true auditing & security enemies!

Systems and processes never tell you the whole story. But complete and authentic logs are a prerequisite for both proper IT operation and complete auditing & compliance – including effective detection of fraud and abuse. You may not believe this, but much of the essential and highly critical activity on your recognized z/OS mainframe simply does not come to your attention since it is not logged or properly protected.

The triad of smart and smooth z/OS command and system service verification includes logging, blocking and modifying.
SF-NoEvasion for z/OS allows for the ultimate hardening and transparency of your audit trails with regards to the suppression of information, bypassing, fraud and abuse. It also improves and enhances critical security controls to allow for highly precise and flexible decisions about how they are to be used! Become the boss by finally knowing the complete story on what’s happening on your z platform!

The plug & play Real-Time Sniffer, Spool Monitor, File Watcher, Universal Log Scanner and Event Forwarder finally lets you feed all your security and compliance monitoring applications with event data – with utmost completeness and speed. The included PC-based system for Security Information and Event Management (SIEM) provides a high-performance audit workflow. As an option, it lets you also include events of non-mainframe platforms, such as Windows, UNIX, Linux, etc.

Highest security and compliance levels for the z/OS mainframe platform are requested. All security and compliance standards, like SOX, PCI, ISO, FERC, DOD, HiPAA, etc., claim full (100%) transparency and the ability to audit completely all processes in your company’s IT. Missing audit information represents a top-level risk, implying the impossibility of effectively detecting fraud, abuse and non-compliant behavior.

But how can incomplete logs be possible on platforms that have received the highest levels of [security] certifications? Your fear is reasonable! Various processes may be involved, such as invalid system configurations, critical system services supporting “no logging” features, tricky log suppression, bypassed security mechanisms, and much more. High-value compliance certifications may easily become invalidated in cases of incomplete audit data. Skilled software vendors, staff, or parties with malicious intent may easily dupe you by hiding the “actual truth”, and, furthermore, putting into question your company’s compliance and the legal protections of your auditing.

SF-NoEvasion profits from the experience of having penetrated and assessed mainframes for over a decade to achieve extremely secure environments.

It provides comprehensive and smart command and system service verification to completely audit and protect all critical z/OS components, including Security Server (RACF), user authentication, user password change, console commands, FTP, and much more. At last, you no longer have to put up with any potential weaknesses in your audit trails, and you can finally achieve the highest level of automated controls and completeness in your compliance strategy!

Finally, you know all of what’s involved in becoming really compliant and secure!