2018 Mainframe Solutions Edition - SE28

Sponsored Advertising Content

PARTNER PERSPECTIVE

Vulnerability Scanning is
Essential to z/OS Security
Security analysts tell you that a priority on the mainframe is securing your
applications through configuration vulnerability assessments. What they don't
know is that it only takes one zero-day code-based vulnerability in the z/OS* layer to
bypass everything you are doing to secure those applications and the source data
associated with those applications.

Key Resources Inc.
RAY OVERBY - PRESIDENT
AND FOUNDER
info@krisecurity.com
(800) 574-1339
krisecurity.com
Ray Overby is a recognized
authority on mainframe security
for IBM Z* environments.

Code-Based Vulnerabilities
Security professionals understand how to mitigate the risks caused by configurationbased vulnerabilities, but a code-based vulnerability assessment will lead you to the
realization that you have serious exposures. Code-based vulnerabilities allow hackers
(external or internal) to circumvent internal z/OS integrity controls as well as your
External Security Manager (ESM), and in some cases, you will never know they have
access to your applications and your data.
In the case of a storage-alteration vulnerability, an exploit program will allow
a non-authorized user the ability to modify OS memory. These locations would
include where the ESM (e.g., RACF*) keeps its security credentials. Code-based
vulnerabilities are caused by poor design and coding errors in programs that reside
in the mainframe's OS layer.
A comprehensive security compliance review of a mainframe system should
always include analysis for configuration-based and code-based vulnerabilities. The
balance between protection and vulnerabilities isn't static or even predictable; it's
impossible to monitor and comprehend consequences of vendor development and
maintenance streams. In the same way that PCs and servers need frequent scans
for malware, the mainframe needs periodic evaluation for exposures created by
configuration changes and vendor releases and patches. Failure to do both leaves
your mainframe system at risk.
Ensuring System Integrity
Remember, ensuring system integrity is outside the scope of the current external
security managers (ESMs). The ESMs were not designed to enforce your security
policy when an OS-layer code vulnerability is exploited and allows unauthorized
access to data.
Where does all of this lead? It surely does not undermine the mainframe's
well-deserved reputation for integrity; no other platform rivals what its integrated
architecture, development and maintenance philosophies, and fundamental
reliability mindset provides.
It does, however, recall sage advice: Trust but verify. Mainframes remain the ideal
platform for supporting business processes, especially for building future successes
(mobile, cloud, payment). Their use must include appropriate verification that the
system's architectural foundation-z/OS-provides no "basement kitchen window"
vulnerabilities.

28 // 2018 Learn more at: ibmsystemsmag.com/buyersguide


http://www.krisecurity.com https://www.linkedin.com/company-beta/941268/ http://www.ibmsystemsmag.com/buyersguide

Table of Contents for the Digital Edition of 2018 Mainframe Solutions Edition

Editor's Letter
Application Development
Business Intelligence/Analytics
Communications and Connectivity
Database
Education
HA/DR Backup
Linux on z Systems
Performance
Security
Services/Consulting
Software Vertical Markets
Systems Management
Tools and Utilities
Web Development
Market Changes Increase Demand for Nimble Developers
Business Continuity Depends on Backup and Recovery Plans
IBM z14 Features Accelerate Performance
Pervasive Encryption Keeps all Data Secure
z/OS Tools Spot Systems Management Issues
CM First Group: Application Development
Compuware Corporation: Application Development
21st Century Software: HA/DR Backup
Key Resources Inc.: Security
Product Index
2018 Mainframe Solutions Edition - SECover1
2018 Mainframe Solutions Edition - SECover2
2018 Mainframe Solutions Edition - SE3
2018 Mainframe Solutions Edition - SE4
2018 Mainframe Solutions Edition - Editor's Letter
2018 Mainframe Solutions Edition - SE6
2018 Mainframe Solutions Edition - SE7
2018 Mainframe Solutions Edition - SE8
2018 Mainframe Solutions Edition - CT1
2018 Mainframe Solutions Edition - CT2
2018 Mainframe Solutions Edition - SE9
2018 Mainframe Solutions Edition - Market Changes Increase Demand for Nimble Developers
2018 Mainframe Solutions Edition - CM First Group: Application Development
2018 Mainframe Solutions Edition - Application Development
2018 Mainframe Solutions Edition - Compuware Corporation: Application Development
2018 Mainframe Solutions Edition - SE14
2018 Mainframe Solutions Edition - SE15
2018 Mainframe Solutions Edition - Communications and Connectivity
2018 Mainframe Solutions Edition - Database
2018 Mainframe Solutions Edition - Education
2018 Mainframe Solutions Edition - Business Continuity Depends on Backup and Recovery Plans
2018 Mainframe Solutions Edition - 21st Century Software: HA/DR Backup
2018 Mainframe Solutions Edition - HA/DR Backup
2018 Mainframe Solutions Edition - SE22
2018 Mainframe Solutions Edition - Performance
2018 Mainframe Solutions Edition - IBM z14 Features Accelerate Performance
2018 Mainframe Solutions Edition - SE25
2018 Mainframe Solutions Edition - SE26
2018 Mainframe Solutions Edition - Pervasive Encryption Keeps all Data Secure
2018 Mainframe Solutions Edition - Key Resources Inc.: Security
2018 Mainframe Solutions Edition - Security
2018 Mainframe Solutions Edition - SE30
2018 Mainframe Solutions Edition - SE31
2018 Mainframe Solutions Edition - SE32
2018 Mainframe Solutions Edition - SE33
2018 Mainframe Solutions Edition - SE34
2018 Mainframe Solutions Edition - SE35
2018 Mainframe Solutions Edition - Software Vertical Markets
2018 Mainframe Solutions Edition - z/OS Tools Spot Systems Management Issues
2018 Mainframe Solutions Edition - Systems Management
2018 Mainframe Solutions Edition - SE39
2018 Mainframe Solutions Edition - SE40
2018 Mainframe Solutions Edition - SE41
2018 Mainframe Solutions Edition - Tools and Utilities
2018 Mainframe Solutions Edition - Web Development
2018 Mainframe Solutions Edition - Product Index
2018 Mainframe Solutions Edition - SE45
2018 Mainframe Solutions Edition - SE46
2018 Mainframe Solutions Edition - SECover3
2018 Mainframe Solutions Edition - SECover4
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com