In a standard z/OS environment, the three principal z/OS security packages, as implemented, utilize simple logic: actions are either allowed but in most cases not reported; or they are not allowed and a violation log is created. Such violations generally are examined using batch-mode analysis often many hours after the fact, and any reports generated by such alerts typically remain within the z/OS environment (not externalized to log consolidators). This can result in a number of security problems and unrecognized threats.
Type80 Security Software’s SMA_RT product is a z/OS SIEM agent that aims to address these key problem areas. Our z/OS SIEM agent makes z/OS security state-of-the art. By analyzing data from both Operator (WTO) messages and the Systems Management Facility (SMF), Type80 SMA_RT gathers detailed information about potential security events on z/OS. This data is then interpreted, normalized in standard Syslog format and delivered in real-time to those responsible for enterprise security. This gives an organization an enterprise-wide view of all the events they need to capture in order to stay abreast of attacks against their infrastructure.
For a FREE trial of our z/OS SIEM agent complete our security software trial form online today. You can also contact us directly to learn more about this product and how our z/OS SIEM agent can help improve your enterprise-wide security monitoring efforts.
Our revolutionary SMA_RT z/OS SIEM agent allows administrators to designate specific items of interest for deeper security monitoring than is normally provided in the z/OS environment. For example, an administrator can specify files of interest (perhaps those with credit card data for PCI compliance, or those related to patient data for HIPAA compliance), and capture all relevant data whenever those items are accessed – even by authorized users!
The SMA_RT product is dynamically installed and easy to implement by any z/OS Systems Programmer. Our z/OS SIEM agent has a very small memory footprint and extremely low impact processor utilization. Once installed, SMA_RT’s security monitoring rules are very simple and easily entered through our TSO interface.
Further, SMA_RT requires no additional z/OS components or understanding of cumbersome languages or proprietary framework to operate. Our z/OS SIEM agent is designed to be used in tandem with an organization’s existing SIM, SIEM, and log consolidation monitoring platforms.
SMA_RT supports all three Security Access Facility products, providing a single solution for large organizations that need full coverage and enterprise-wide security monitoring.
Our z/OS SIEM agent is easy to implement and use and is an effective solution for real-time security monitoring in a z/OS environment. Key benefits include:
Finally, no other z/OS SIEM agent or security product can come close to SMA_RT's ability to manage z/OS security events in real-time, with low resource consumption, low cost, and a wide range of customization options.
To learn more about our SMA_RT product or to request a free trial of any of our security monitoring products, complete our online Free Trial Request Form today. If you would like to learn more about each of our products and how our z/OS SIEM agent can be the security solution you need, you can also contact us at Type80 Security Software online or by phone! Our experts look forward to answering all of your questions about our z/OS SIEM agent products and working with you to develop customized solutions for your z/OS security needs.