Select Page

Splunk App

Smart Mainframe Monitoring

SF-Sherlock’s Smart Mainframe Monitoring App for Splunk is specifically designed to provide a clear picture of your z/OS mainframes in real-time.

You find all details on the “Smart Mainframe Monitoring” Splunk app in the Splunkbase and may download it from here.

Cyber Security

 

Cyber security risks are not deterred from the mainframe. It’s simply too connected to remain invisible and unreachable to hackers and others with bad intentions. You would be very much surprised to see the large number of highly-skilled specialists who are engaged in challenging the security and safety of a mainframe.

Compliance

 

Since our compliance automation solutions have been invented and developed in-house, we definitely know what is necessary to comply with all the many different regulations, and how compliance monitoring can be automated to the max.

SF Solution Support

 

We would be happy to fully assist you to efficiently as well as effectively implement and operate all the SF solutions you use.

Forensic & Emergency

 

Just in case! If your installation is the victim of any kind of internal or external attack, we are on stand-by to assist you in analyzing, fixing and managing the given situation. Thanks to our unique expertise, we know how to handle any situation. 

News & IT Security Forum

System REXX and BCPii are the ”next APF“

If you look back along the evolutionary steps of mainframe security, APF libraries play a leading role – due to their “superpower.” Until the 1980s, “almost anyone” working on a mainframe was able and allowed to define one themselves. In most cases, there was no APF library protection at all. Then there was a phase where APF-related auditing received more and more attention, and correspondingly became an important audit issue.

The attention that “APF” received as a security risk has continued to increase over time. Today, it has almost reached the highest level of awareness: only a very few members of a company’s mainframe team are allowed to define a new APF library or update existing ones. Any such action requires prior permission, not just some documentation after it has happened. On our customer visits, we have seen companies where a new APF library requires not only an official change request, but up to “5 signatures.” Otherwise, you lose your job. Correspondingly, relentless monitoring and compliance reporting has become standard for the “APF” risk, resulting in real-time security alerts by a SIEM if corresponding rules are bypassed.

So far, so good. Now that there is great awareness of “APF,” the question will be if the entire mainframe security mission has now been accomplished? Or what’s the next superpower, following “APF,” that mainframe users need to focus on?

Based on our worldwide penetration testing experience, we have determined that “System REXX” and “BCPii” are two further members of the superpower league; both are good candidates for becoming the next “big focus.” In recent years, both z/OS features have been improved so that they are now “easy-to-use” functions. But there is no free lunch. As a consequence, highly critical operations became minimally complex, and you have to “pay” the price for setting up gap-free security measures. User-friendly and easy-to-use superpower features are an invitation to attackers. Complexity is a kind of protection. Compared to assembler programming or disassembling machine code, REXX programming is pretty trivial!

This is why SF-Sherlock focuses intensively on both of these areas. Please feel free to contact us to discuss additional details of what is necessary to properly protect System REXX and BCPii.

Worldwide toll-free phone number

+800 - 37 333 853
or simply dial:
+800 - DRFEDTKE

Alternatively:
+41 (0)41 710 7444

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)

Find Us

Headquarters

Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Social Media

Xing → Linkedin →

Write Us

Marketing
marketing@enterprise-it-security.com
copy the address

Technical support and hotline
hotline@enterprise-it-security.com
copy the address

Legal and compliance
legal@enterprise-it-security.com
copy the address

error: Content is protected!