This latest release of the mainframe information security and compliance product features enhancements to events from Compuware and Micro Focus and now supports the consumption of z/OS console messages and JES JOBLOG SYSOUT to allow the capture of additional events that do not go through IBM®’s z/OS System Management Facility or SMF.
Naples, FL, August 13, 2018 – CorreLog, Inc., the leader in multi-platform IT security event log management, today announced that its latest release of zDefender® is now Generally Available. The latest release of CorreLog’s mainframe Security Information & Event Management (SIEM) product includes a multitude of enhancements to bring real-time mainframe security visibility into Windows- and UNIX-based enterprise SIEM tools. Though IBM touts its IBM Z as the most powerful transaction system for cloud (i.e. $8 trillion in credit card payments yearly, 30 billion transactions per day, 29 billion ATM transactions yearly), the preferred platforms for securing enterprise data are exclusive to Windows and UNIX systems. This was the genesis of CorreLog building zDefender®: to provide these distributed SIEM systems an easy-to-install, easy-to-use mainframe security product with real-time visualization and alerting of mainframe events through a standard web browser or SIEM system.
“We all came up through the ranks on the mainframe side of enterprise software,” said George Faucher, CorreLog president and founder. “And about 10 years ago we saw this huge gap in how long it was taking privileged user event data to go from the mainframe to distributed security tools and decided to do something about it. The result was zDefender® (previously known as SIEM Agent for z/OS) – software code we put on z/OS that SIEM tools could access to get RACF, ACF2, Top Secret and other mainframe event data into their systems as the events were generated in real time.”
CorreLog’s zDefender® for z/OS is currently Generally Available, and the version 5.8.3 upgrade includes the following enhancements:
- Support for z/OS CONSOLE message streaming
- Support for dynamic JES JOBLOG (batch job) output streaming, including active SYSOUT from long-running started tasks
- New utility for bulk loading of any flat file into zDefender®
- INHIBIT now supported for all SMF record types
- Support for JSON-format SIEM messages
- Support for Compuware Abend-AID (z/OS reliability and quality) and Application Audit
- Support for Micro Focus ChangeMan (mainframe change management) events
- Approximately 400 additional CICS (online transaction management and connectivity) fields
- “Surrogate for” USERID enrichment
- Plus several other enhancements
CorreLog recommends that existing customers update to zDefender® version 5.8.3. The upgrade package is easy to deploy, and existing customers may upgrade to this latest version themselves by contacting CorreLog support for their download package. Alternatively, customers may contact CorreLog support for upgrade assistance.
Demonstrations of CorreLog zDefender® at SHARE St. Louis, August 12-17, 2018
CorreLog will be holding demonstrations of zDefender® for z/OS at SHARE St. Louis, at the America's Center Convention Complex, in booth number 316. SHARE attendees will have the opportunity to meet with CorreLog for live product demonstrations and one-on-one conversations about how CorreLog can assist with mainframe security and compliance auditing.
CorreLog Educational Tracks at SHARE St. Louis
I. Technical Breakout Session: Charles Mills Speaking Session with Blue Cross Blue Shield
What: Presentation titled "User Experiences: Know Now - Protecting Privacy Using Real-Time Data." Join this session to hear how a network engineer at BCBS who recently turned mainframer is using real-time mainframe event data to detect excessive login attempts, connections to external IPs, privilege escalation, policy compliance, profile changes, APF changes, and the impact of his own (rookie) work.
When: Tuesday, August 14, 2018: 10:00 AM - 11:00 AM
Where: Room 267, America's Center Convention Complex
Who: Charles Mills, CorreLog Director of Advanced Projects, & Rick Barnes, Systems Engineer with Blue Cross and Blue Shield of Alabama
Tracks: Enterprise Data Center; Security and Compliance
Session Number: 22997
II. VSP: Use Cases for Preventing Breaches by Correlating Real-Time Mainframe Events with CorreLog zDefender®
What: Learn about CorreLog’s zDefender® and some concrete steps you can take to stop attacks, gain operational efficiency, and transform all of your data on the mainframe into actionable intelligence before there is irreversible damage to your system integrity.
When: Tuesday, August 14, 2018: 1:45 PM - 2:45 PM
Where: Room 226
Session Number: 23719
CorreLog zDefender® for z/OS
CorreLog has designed software agent-based solutions to collect and forward z/OS events to organizations’ existing distributed SIEMs or SOCs for real-time security visibility, including audit trails for compliance with PCI DSS, FISMA, the GDPR, HIPAA, IRS Pub. 1075, GLBA, SOX, ISO 27001, and other data security standards. These solutions monitor z/OS events in real time with little impact on system resources, and roll up z/OS security events and audit trails into a single view within an IT SOC.
For more information about CorreLog’s agent-based mainframe security solutions, visit its Mainframe SIEM Solutions overview page.
Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.
CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems, and provide alerts with notifications in real time to security and network operations resources. CorreLog has worked with companies across Fortune 500 to SMB class who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master out of the box. Our customers are up and running with monitoring and alerts within just a few hours, versus weeks or even months with competing enterprise vendor solutions. Our software agent monitoring technology spans from Windows, Linux, UNIX, Mac, SAP, and databases all the way up to the largest mainframes running IBM® z/OS®, Linux on z Systems, IBM® Db2, IBM® IMS™, and IBM® z/VM.
CorreLog has installed software and framework components used successfully by hundreds of commercial and government organizations worldwide. Our core solutions provide visibility on privileged-user activity, data integrity, FIM and application activity that may hold evidence of cyber threat, and in real time, we notify security personnel with alerts in accordance with compliance standards.
For more information on CorreLog, please visit CorreLog.com.
Copyright © 2018, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.
Tony Perri, CorreLog Marketing & PR
Office: (239) 514-3331, ext. 406