Configuring zsecure To Send Data to QRadar
|
|
- Melinda White
- 6 years ago
- Views:
Transcription
1 Configuring zsecure To Send Data to QRadar CONFIGURATION, SETUP, AND EXAMPLES Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: USA toll: Participant passcode: NOTICE: By participating in this call, you give your irrevocable consent to IBM to record any statements that you may make during the call, as well as to IBM's use of such recording in any and all media, including for video postings on YouTube. If you object, please do not connect to this call.
2 About the panelists Alan Brown, zsecure Level 2 Support Jared Franze, zsecure Level 2 Support Jeroen Tiggelman, zsecure Level 3 Manager Hans Schoone, zsecure Chief Architect Guus Bonnes, zsecure Architect and Designer Jonathan Pechta, IBM Security QRadar - Support Technical Writer 2 IBM Security
3 A comprehensive suite of products zsecure Audit Vulnerability analysis for the mainframe infrastructure; automatically analyze and report on security events and monitor compliance zsecure Adapters for QRadar Collects, formats and sends enriched mainframe System Management Facility (SMF) audit records to IBM Security QRadar SIEM zsecure Alert Real-time mainframe threat monitoring of intruders and alerting to identify misconfigurations that could hamper compliance zsecure Command Verifier Policy enforcement solution that helps enforce compliance to company and regulatory policies by preventing erroneous commands zsecure Manager for RACF z/vm Combined audit and administration for RACF in the VM environment including auditing Linux on System z zsecure Admin Enables more efficient and effective RACF administration, identity governance, tracking and statistics using significantly fewer resources zsecure Visual Helps reduce the need for scarce, RACF-trained expertise through a Microsoft Windows based GUI for RACF administration zsecure CICS Toolkit Provides access RACF command and APIs from a CICS environment, allowing additional administrative flexibility 3 IBM Security
4 A comprehensive suite of products zsecure Audit Vulnerability analysis for the mainframe infrastructure; automatically analyze and report on security events and monitor compliance zsecure Adapters for QRadar Collects, formats and sends enriched mainframe System Management Facility (SMF) audit records to IBM Security QRadar SIEM 4 IBM Security
5 About the presentation Focus of this presentation is on setting up zsecure to send data to QRadar Security Information and Event Management (SIEM) We will only be looking at sending SMF data as enhanced by zsecure Using zsecure Alert to send data to QRadar SIEM is planned for a later presentation We will be utilizing screenshots and documentation from zsecure IBM Security
6 Functional Overview A z/os image can contain many log sources: o z/os o RACF/ACF2/TSS o DB2 o CICS To integrate these sources with QRadar, a procedure must be in place to enrich standard SMF data into something QRadar can understand Log Event Enhanced Format (LEEF). These files are created and stored as z/os Unix files, and regularly fetched by QRadar SIEM for processing. 6 IBM Security
7 Methods Integrated functionality with zsecure Audit Standalone zsecure Adapters for QRadar SIEM product o The Adapters product uses fewer NEWLIST types, lookups, and members. It instead relies on a number of newly introduced fields in order to maintain functionally equivalent to the product built into zsecure Audit. Near Real-time integration with zsecure Alert (to be discussed at a later date) o This method transfers Alerts via UNIX Syslog 7 IBM Security
8 Key Benefits Integrating with QRadar replaces manual security event analysis with an automated and trusted process for detection of security exposures. Collecting event data from multiple z/os sources creates a comprehensive view of your system. Enriching data with audit and user information results in strong, and complete reports. The ability to use the data analytics and dashboard reporting built into QRadar. 8 IBM Security
9 Preparation Taken from Security zsecure CARLa-Driven Components Version Installation and Deployment Guide, Chapter 15 Complete installation/configuration of zsecure even if only using the Adapters Ensure the following prerequisites are performed o The SCKRLOAD library must be APF-authorized o You must setup a process to periodically refresh your CKFREEZE and UNLOAD (N/A to Top Secret) datasets o If only licensed for the Adapters, you must use the live security database instead of an unload file o We provide a sample job (C2RJPREP) to assist you in setting up the creation of your CKFREEZE and the security database UNLOAD files. o You must have an FTP or SFTP server on your z/os image in order for QRadar to be able to download the LEEF files that are created o Your zsecure configuration must be updated to contain the specific parameters required for QRadar SIEM (specifics will be described later) 9 IBM Security
10 SMF Records SMF processing must be turned on and the appropriate records for your shop must be created and saved o The exact SMF records required must be determined by your security staff o A list of standard records is on page 152 of the installation Guide Making the SMF records available to QRadar o Determine whether you are using SMF data from a dataset or a logstream When using an SMF logstream, ensure that your data collection for QRadar runs on a frequency to ensure that the SMF data retention period does not expire before data is collected For dataset processing, the SMF data must be prepared using your SMF offload process (e.g., IFASMFDP or a third-party utility that performs the same function) o When using SMF data from multiple z/os images The SMF data must be broken out by z/os image (examples to follow) The CKFREEZE and UNLOAD (not applicable to Top Secret or an Adapter-only license) from the SMF source images must be available 10 IBM Security
11 Using combined SMF data from multiple z/os images Specify an EXCLUDE statement in member CKQXES or C2EQXES in your zsecure configuration dataset o Each collection process will require its own member in its zsecure configuration dataset. o The combined SMF dataset is read multiple times when using this method Run a special CARLa job or job step that will read the combined SMF data and output separate datasets for each of the z/os images o The combined SMF dataset is read only once o Sample CARLa code snippet for one system is below alloc type=smf DD=C1SMF0 <== combined SMF input dataset newlist type=smf name=smfsel select system(ipo1) type=(0:69,80:120,230) <== SMF records to extract unload dd=smfunld <== SMF file for system IPO1 (allocated in JCL) 11 IBM Security
12 Setup of the collection process HEADER CONTENT 1 HEADER CONTENT 2 Two sets of members are provided o The C2E prefixed members are only for zsecure Audit o The CKQ prefixed members are for zsecure Audit and zsecure Adapters for QRadar SIEM o New installations should use CKQ prefixed members and are what we use in this presentation Decide how the collection process should be run o Batch using a job scheduling system o Started task Customize the JCL and point to the zsecure configuration member (default is C2R$PARM) o Store configuration member where it can be accessed For a started task, this is the JES procedure library For batch, use the JCLLIB statement o Customize C2EQCUST/CKQCUST and C2EQPATH/CKQPATH 12 IBM Security
13 Setup of the collection process - continued HEADER CONTENT 1 HEADER CONTENT 2 Assigning a user ID for the collection process and creating a z/os Unix directory for the LEEF data o Use supplied jobs as described on page 155 for your specific security subsystem C2EQAUSA/CKQAUSA for ACF2 C2EQAUSR/CKQAUSR for RACF C2EQAUST/CKQAUST for Top Secret o We will use CKQAUSR for our RACF system Preparing the LEEF directory Customize the configuration members Start the job or started task 13 IBM Security
14 WALKTHROUGH Configuration examples
15 Customize CKQCLEEF Proc HEADER CONTENT 1 HEADER CONTENT 2 Source: Title, Published date, author, company 15 IBM Security
16 zsecure Configuration Member 16 IBM Security
17 Assigning a userid and preparing a directory to store the LEEF data 17 IBM Security
18 Assigning a userid and preparing a directory to store the LEEF data 18 IBM Security
19 Assigning a userid and preparing a directory to store the LEEF data 19 IBM Security
20 Assigning a userid and preparing a directory to store the LEEF data 20 IBM Security
21 Configuring environment - CKQSPEC 21 IBM Security
22 LEEF Files and maxdate file 22 IBM Security
23 Resources HEADER CONTENT 1 HEADER CONTENT 2 Documentation on IBM Knowledge Center zsecure Forum on developerworks zsecure Wiki on developerworks _c8157c8cf491 zsecure Q&A on dw Answers and elevance&q=zsecure Technotes - QRadar Processing large amounts of SMF data Loading CARLa EXCLUDES for zsecure QRadar User group 23 IBM Security
24 Questions HEADER CONTENT 1 HEADER CONTENT 2? 24 IBM Security
25 Appendix Complete job log for splitting an SMF file by system name (1 of 4) //SMFEXT JOB (),'Alan Brown', MSGCLASS=X,MSGLEVEL=(1,1), // NOTIFY=&SYSUID //CKRCARLA EXEC PGM=CKRCARLA,REGION=64M,PARM='I DD=CKRSPROF' //********************************************************************* //* Change ZSEC220 to the location your zsecure installation * //********************************************************************* //STEPLIB DD DISP=SHR,DSN=ZSEC220.SCKRLOAD //CKRCARLA DD DISP=SHR,DSN=ZSEC220.SCKRCARL //********************************************************************* //SYSPRINT DD SYSOUT=* //CKREPORT DD SYSOUT=* //CKRCMD DD SYSOUT=* //CKR2PASS DD SYSOUT 25 IBM Security
26 Appendix Complete job log for splitting an SMF file by system name (2 of 4) //****************************************************************** //* Replace the following DSN with the DSN of your SMF unload file * //****************************************************************** //C1SMF0 DD DSN=CRMA.X.TVT8010.SMF.DAY, DISP=SHR //****************************************************************** //* //************************************************************** //* Replace the DSN with the name of your new system-specific * //* and SMF-filtered SMF unload file. * //* Replace space parameter as needed to accommodate the size * //* of your output SMF unload file. * //* If you reuse this file, change DISP to OLD after first run * //************************************************************** //SMFUNLD DD DISP=(NEW,CATLG), DSN=CRMBAB1.P01395.IPO1.SMF, // SPACE=(27998,(300,300),RLSE,,ROUND), // DCB=(LRECL=32760,BLKSIZE=27998,RECFM=VBS) //************************************************************** //* 26 IBM Security
27 Appendix Complete job log for splitting an SMF file by system name (3 of 4) //* //************************************ //* Standard CARLa environment setup * //************************************ //CKRCMD01 DD SYSOUT=* //* Standard profile for zsecure Suite run //CKRSPROF DD DATA,DLM='\/' PRINT DD=CKREPORT SUP CONNECTOWNER; IMBED MEMBER=CKRXDEF1 NOLIST \/ 27 IBM Security
28 Appendix Complete job log for splitting an SMF file by system name (4 of 4) //**************************************************** //* CARLA code to extract SMF records that //* meet the following criteria: * * //* 1. System is IPO1 * //* 2. SMF records are equal to the following ranges * //* A * //* B * //* C. 230 * //* Input is from DD C1SMF0 * //* Output is to DD SMFUNLD * //**************************************************** /SYSIN DD DATA,DLM='\/' /* Daily SMF dump */ alloc type=smf DD=C1SMF0 alloc type=ckrcmd DD=CKRCMD01 suppress CKFREEZE newlist type=smf name=smfsel select system(ipo1) type=(0:69,80:120,230) unload dd=smfunld include member=ckalfsum \/ /* 28 IBM Security
29 THANK YOU FOLLOW US ON: ibm.com/security securityintelligence.com youtube/user/ibmsecuritysolutions Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANYSYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
IBM Threat Protection System: XGS - QRadar Integration
IBM Security Network Protection Support Open Mic - Wednesday, 25 May 2016 IBM Threat Protection System: XGS - QRadar Integration Panelists Tanmay Shah - Presenter Level 2 Support Product Lead Danitza Villaran-Rokovich,
More informationISAM Advanced Access Control
ISAM Advanced Access Control CONFIGURING TIME-BASED ONE TIME PASSWORD Nicholas J. Hasten ISAM L2 Support Tuesday, November 1, 2016 One Time Password OTP is a password that is valid for only one login session
More informationXGS & QRadar Integration
IBM Security Support Open Mic - January 28, 2015 XGS & QRadar Integration Advanced Threat Protection Integration Options Panelists Wes Davis Advanced Threat Support Group Engineer (Presenter) Thomas Gray
More informationIBM MaaS360 Kiosk Mode Settings
IBM MaaS360 Kiosk Mode Settings Configuration Settings for Kiosk Mode Operation IBM Security September 2017 Android Kiosk Mode IBM MaaS360 provides a range of Android device management including Samsung
More informationISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.
ISAM Federation STANDARDS AND MAPPINGS Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support July 19, 2017 Agenda ISAM Federation Introduction Standards and Protocols Attribute Sources
More informationDisk Space Management of ISAM Appliance
IBM Security Access Manager Tuesday, 5/3/16 Disk Space Management of ISAM Appliance Panelists David Shen Level 2 Support Engineer Steve Hughes Level 2 Support Engineer Nicholas Hasten Level 2 Support Engineer
More informationMSS VSOC Portal Single Sign-On Using IBM id IBM Corporation
MSS VSOC Portal Single Sign-On Using IBM id Changes to VSOC Portal Sign In Page Users can continue to use the existing Client Sign In on the left and enter their existing Portal username and password.
More informationJunction SSL Debugging With Wireshark
Junction SSL Debugging With Wireshark IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu option.
More informationIBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions
IBM Security Access Manager open mic webcast July 14, 2015 IBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions Panelists Gianluca Gargaro L2 Support Engineer Darren Pond L2
More informationIBM Security Network Protection Open Mic - Thursday, 31 March 2016
IBM Security Network Protection Open Mic - Thursday, 31 March 2016 Application Control and IP Reputation on the XGS Demystified Panelists Tanmay Shah, Presenter IPS/Network Protection Product Lead Bill
More informationXGS: Making use of Logs and Captures
IBM Security Network Protection XGS Open Mic webcast #6 June 24, 2015 XGS: Making use of Logs and Captures Panelists Bill Klauke (Presenter) Product Lead L2 Support Maxime Turlot Product Lead L2 Support
More informationSecurity Support Open Mic: ISNP High Availability and Bypass
Panelists Ed Leisure Knowledge Engineer, Presenter Andrew Sallaway SWAT Consultant Kenji Hamahata L2 Engineer (Japan) Maxime Turlot Product Lead Arthur Testa Product Lead Jeff Dicostanzo Advanced Value
More informationBigFix Query Unleashed!
BigFix Query Unleashed! Lee Wei IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu option. To
More informationIBM. Enhancements for data encryption and SIEM feeds Documentation Updates zsecure CARLa-Driven Components Installation and Deployment Guide
IBM Security zsecure V2.3.0 Service Stream Enhancement Enhancements for data encryption and SIEM feeds Documentation Updates zsecure CARLa-Driven Components Installation and Deployment Guide IBM IBM Security
More informationSecurity Support Open Mic Build Your Own POC Setup
IBM Security Access Manager 08/25/2015 Security Support Open Mic Build Your Own POC Setup Panelists Reagan Knowles Level II Engineer Nick Lloyd Level II Support Engineer Kathy Hansen Level II Support Manager
More informationUnderstanding scan coverage in AppScan Standard
IBM Security AppScan Standard Open Mic Webcast January 27, 2015 Understanding scan coverage in AppScan Standard Panelists Shahar Sperling Software Architect at Application Security AppScan Tal Rabinovitch
More informationIBM Security Guardium: : Sniffer restart & High CPU correlation alerts
IBM Security Guardium: : Sniffer restart & High CPU correlation alerts IBM SECURITY SUPPORT OPEN MIC, presented by Lisette Contreras, Guardium Support To hear the WebEx audio, select an option in the Audio
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationSecurity Support Open Mic Client Certificate Authentication
IBM Security Access Manager, Tuesday, December 8, 2015 Security Support Open Mic Client Certificate Authentication Panelists Jack Yarborough ISAM Level II Nick Lloyd ISAM Level II Scott Stough ISAM Level
More informationIBM Security Access Manager v8.x Kerberos Part 2
IBM Security Access Manager open mic webcast - Oct 27, 2015 IBM Security Access Manager v8.x Kerberos Part 2 Kerberos Single Sign On using Constrained Delegation Panelists Gianluca Gargaro L2 Support Engineer
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationQRadar Feature Discussion IBM SECURITY SUPPORT OPEN MIC
QRadar 7.2.7 Feature Discussion IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationAnalyzing Hardware Inventory report and hardware scan files
Analyzing Hardware Inventory report and hardware scan files IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by
More informationIBM Security Directory Server: Utilizing the Audit.log
IBM Security Directory Server Open Mic Webcast #1 November 4, 2014 IBM Security Directory Server: Utilizing the Audit.log Panelists Roy Spencer L2LDAP Technical Lead Ram Reddy L2LDAP Senior Engineer Benjamin
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationGX vs XGS: An administrator s comparison of the two products
: An administrator s comparison of the two products Panelists Bill Klauke IPS Product Lead, Level 2 Support Matthew Elsner XGS Development Yuceer (Banu) Ilgen XGS Development Jeff Dicostanzo AVP Support
More informationWhat's new in AppScan Standard/Enterprise/Source version
What's new in AppScan Standard/Enterprise/Source version 9.0.3.4 support Open Mic Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA
More informationMore on relevance checks in ILMT and BFI
More on relevance checks in ILMT and BFI IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate
More informationDeploying BigFix Patches for Red Hat
Deploying BigFix Patches for Red Hat IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationIBM Security Network Protection
IBM Security Network Protection XGS 5.3.3 firmware release Features and Enhancements IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web
More informationRemote Syslog Shipping IBM Security Guardium
Remote Syslog Shipping IBM Security Guardium IBM Security support Open Mic To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu
More informationIBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation
IBM Security Endpoint Manager- BigFix Daniel Joksch Security Sales Establish security as an immune system Malware protection Incident and threat management Identity management Device management Data monitoring
More informationIBM Security Guardium: Troubleshooting No Traffic Issues
IBM Security Guardium: Troubleshooting No Traffic Issues IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationHow to Secure Your Cloud with...a Cloud?
A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1 A New Era of Thinking Agenda IBM Cloud
More informationIBM BigFix Relays Part 2
IBM BigFix Relays Part 2 IBM SECURITY SUPPORT OPEN MIC December 17, 2015 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT YOU MAY MAKE DURING
More informationXGS Administration - Post Deployment Tasks
IBM Security Network Protection Support Open Mic - 18 November 2015 XGS Administration - Post Deployment Tasks Panelists Tanmay Shah XGS Product Lead, L2 Support (Presenter) Thomas Gray L2 Support Manager
More informationHow AppScan explores applications with ABE and RBE
How AppScan explores applications with ABE and RBE IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIBM Security Support Open Mic
IBM Security Support Open Mic LET S TALK ABOUT QRADAR 7.2.8 FEATURES Connect to WebEx Audio by selecting an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationConfiguring your policy to prevent appliance problems
Configuring your policy to prevent appliance problems IBM Security Guardium IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Security zsecure. Documentation updates: 64-bit Service Stream Enhancement IBM
IBM Security zsecure Documentation updates: 64-bit Service Stream Enhancement IBM IBM Security zsecure Documentation updates: 64-bit Service Stream Enhancement IBM ii IBM Security zsecure: Documentation
More informationIBM Security Identity Manager New Features in 6.0 and 7.0
IBM Security Identity Manager New Features in 6.0 and 7.0 IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationQRadar Open Mic: Custom Properties
November 29, 2017 QRadar Open Mic: Custom Properties IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIntroduction to IBM Security Network Protection Manager
Introduction to IBM Security Network Protection Manager IBM SECURITY SUPPORT OPEN MIC Slides are at: https://ibm.biz/bdscvz NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM
More informationSecurity zsecure Audit for ACF2 Version Getting Started IBM GI
Security zsecure Audit for ACF2 Version 2.2.0 Getting Started IBM GI13-2325-02 Security zsecure Audit for ACF2 Version 2.2.0 Getting Started IBM GI13-2325-02 Note Before using this information and the
More informationzsecure Alert Version User Reference Manual IBM SC
zsecure Alert Version 2.3.0 User Reference Manual IBM SC27-5642-04 zsecure Alert Version 2.3.0 User Reference Manual IBM SC27-5642-04 Note Before using this information and the product it supports, read
More informationSecurity zsecure Alert Version User Reference Manual IBM SC
Security zsecure Alert Version 2.2.1 User Reference Manual IBM SC27-5642-03 Security zsecure Alert Version 2.2.1 User Reference Manual IBM SC27-5642-03 Note Before using this information and the product
More informationBigFix 101- Server Pricing
BigFix 101- Server Pricing Licensing in a Nutshell BigFix is included with AIX Enterprise Edition (AIX EE). If you have AIX EE on a system, all the cores on that system are covered and any LPAR running
More informationUsing Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting
Using Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationHow to properly deploy, configure and upgrade the NAB
Panelists Jeff DiCostanzo, Presenter AVP Team Lead Bill Klauke - Level 2 Product Lead Maxime Turlot - Level 2 Product Lead Ryan Andersen - Level 2 Senior Engineer Edward A Romero - Level 3 Network Security
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationBe effective in protecting against the cybercrime
Be effective in protecting against the cybercrime INTEGRATED SECURITY FOR A NEW ERA Domenico Raguseo Domenico Scardicchio Luca Bizzotto Simone Riccetti Technical Sales Manager, Europe Software Procdut
More informationHTTP Transformation Rules with IBM Security Access Manager
HTTP Transformation Rules with IBM Security Access Manager IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationThe New Era of Cognitive Security
The New Era of Cognitive Security IBM WATSON SUMMIT KANOKSAK RATCHAPAT Senior Technical Sales 1 Today s security challenges ACTORS TARGETS VECTORS REALITY Organized Crime Healthcare Ransomware Cloud, mobile,
More informationLet s Talk About Threat Intelligence
Let s Talk About Threat Intelligence IBM SECURITY SUPPORT OPEN MIC #20 Slides and additional dial in numbers: http://ibm.biz/openmic20 January 26, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR
More informationOptimizing IBM QRadar Advisor with Watson
Optimizing IBM QRadar Advisor with Watson IBM SECURITY SUPPORT OPEN MIC #25 Slides and additional dial in numbers: http://ibm.biz/openmic25 June 8, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE
More informationInterpreting relevance conditions in commonly used ILMT/BFI fixlets
Interpreting relevance conditions in commonly used ILMT/BFI fixlets IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog
More informationLet s talk about QRadar 7.2.5
QRadar Open Mic Webcast #9 June 10, 2015 Let s talk about QRadar 7.2.5 Panelists Dwight Spencer Principal Solutions Architect & Co-founder of Q1 Labs Adam Frank Principal Solutions Architect Jeremy Mathews
More informationPerforming a z/os Vulnerability Assessment. Part 2 - Data Analysis. Presented by Vanguard Integrity Professionals
Performing a z/os Vulnerability Assessment Part 2 - Data Analysis Presented by Vanguard Integrity Professionals Legal Notice Copyright 2014 Vanguard Integrity Professionals - Nevada. All Rights Reserved.
More informationzsecure New features and functions
zsecure 2.1.1 New features and functions Rob van Hoboken zsecure architect Rob.vanHoboken@nl.ibm.com 1 2012 IBM Corporation Disclaimer 2 IBM s statements regarding its plans, directions, and intent are
More informationPredators are lurking in the Dark Web - is your network vulnerable?
Predators are lurking in the Dark Web - is your network vulnerable? Venkatesh Sadayappan (Venky) Security Portfolio Marketing Leader IBM Security - Central & Eastern Europe Venky.iss@cz.ibm.com @IBMSecurityCEE
More informationIBM Guardium Data Encryption
IBM Guardium Data Encryption RELEASE TAXONOMY FOR LINUX/AIX/WINDOWS 10-October-2018 GDE Taxonomy Version V.0.0.0 Major V.R.0.0 Mod V.R.M.0 SSE V.R.M.F Fixpack V.R.M.F Cadence 36-48 Months 12-15 Months
More informationSWD & SSA Updates 2018
SWD & SSA Updates 2018 Stephen Hull STSM, BigFix Development 04/09/2018 Latest SWD & SSA features What s shiny and new? SWD Support multiple tasks for a software pkg Install, Update, Uninstall, etc Export/Import
More informationWhat's new in AppScan Standard version
What's new in AppScan Standard version 9.0.3.5 IBM Audio Security Connection support dialog by Open access Mic the Slides and more information: http://www.ibm.com/support/docview.wss?uid=swg27049311 February
More informationThreat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES
Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Agenda Welcome Threat Intelligence EcoSystem Cyber Resiliency
More informationIBM Security zsecure IBM MFA for z/os
IBM Security zsecure IBM MFA for z/os Rob van Hoboken zsecure Architect - Rob.vanHoboken@nl.ibm.com Mike Zagorski WW Offering Manager Zagorski@us.ibm.com IBM November 2018 Session FK Protecting Data at
More informationDebug DB2 COBOL stored procedure with IBM Developer for z Systems and IBM Debug for z Systems v14.1
Debug DB2 COBOL stored procedure with IBM Developer for z Systems and IBM Debug for z Systems v14.1 By Olivier Gauneau - IBM IDz support February 16, 2018 1. CONTENTS 1. Pre-requisite... 2 a. JCL Procs...
More informationIs Your z/os System Secure?
Ray Overby Key Resources, Inc. Info@kr-inc.com (312) KRI-0007 A complete z/os audit will: Evaluate your z/os system Identify vulnerabilities Generate exploits if necessary Require installation remediation
More informationSecurity Update PCI Compliance
Security Update PCI Compliance (Payment Card Industry) Jeff Uehling IBM i Security Development uehling@us.ibm.com 2012 IBM Corporation PCI Requirements An Information only Presentation NOTE: These Slides
More informationLe sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza
Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza Giulia Caliari IT Architect, IBM Security #IBMSecurity Attackers break through conventional
More informationBenchmarking z/os Development Tasks - Comparing Programmer Productivity using RDz and ISPF
IBM Software Group Benchmarking z/os Development Tasks - Comparing Programmer Productivity using RDz and ISPF Jon Sayles RDz Technical Enablement jsayles@us.ibm.com 2010 IBM Corporation Agenda and Disclaimer
More informationThe McGill University Health Centre (MUHC)
The McGill University Health Centre (MUHC) Strengthening its security posture with in- depth global intelligence Overview The need MUHC security staff wanted to more quickly identify and assess potential
More informationSecuring Mainframe File Transfers and TN3270
Securing Mainframe File Transfers and TN3270 with SSH Tectia Server for IBM z/os White Paper October 2007 SSH Tectia provides a versatile, enterprise-class Secure Shell protocol (SSH2) implementation for
More informationOverview. Business value
PRODUCT SHEET CA Top Secret for z/vse CA Top Secret for z/vse CA Top Secret for z/vse provides innovative and comprehensive security for business transaction environments which enable your business to
More informationThe Myth of Mainframe Security
The Myth of Mainframe Security Glinda Cummings IBM Sr. Security Product Manager glinda@us.ibm.com Session: 16144 The mainframe is the most SECURABLE environment 2 Agenda Where did it all start? Aren t
More informationIBM Application Performance Analyzer for z/os Version IBM Corporation
IBM Application Performance Analyzer for z/os Version 11 IBM Application Performance Analyzer for z/os Agenda Introduction to Application Performance Analyzer for z/os A tour of Application Performance
More informationCARLa programming how was it again? 2013 IBM Corp.
CARLa programming how was it again? Tom Zeehandelaar zsecure enablement specialist tom.zeehandelaar@nl.ibm.com Jeroen Tiggelman Software Development/L3 Manager zsecure Jeroen.Tiggelman@nl.ibm.com Agenda
More informationSecuring global enterprise with innovation
IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018 Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And
More informationIBM Security Access Manager Single Sign-on with Federation
IBM Security Access Manager Single Sign-on with Federation IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationIdentity Governance Troubleshooting
Identity Governance Troubleshooting Chris Weber Level 2 support, IBM Security May 16, 2017 Identity Governance Troubleshooting Support Files contents Accessing different logs and other files though the
More informationIBM BigFix Client Reporting: Process, Configuration, and Troubleshooting
IBM BigFix Client Reporting: Process, Configuration, and Troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationWorrying About Your Whitelists
Worrying About Your Whitelists TIPS AND TRICKS FOR DECIDING WHAT TO TRUST IN IBM SECURITY GUARDIUM John Haldeman Enterprise Architect, IBM Champion, Information Insights LLC July 21, 2016 Upcoming Tech
More informationThe Challenge of Managing WebSphere Farm Configuration. Rational Automation Framework for WebSphere
IBM Software Group The Challenge of Managing WebSphere Farm Configuration Rational Automation Framework for WebSphere Terence Chow Technical Specialist IBM Rational Hong Kong 2007 IBM Corporation Example:
More informationIBM Security zsecure Service Stream Enhancement for IBM Operations Analytics for z Systems (IOAz) Documentation updates IBM
IBM Security zsecure Service Stream Enhancement for IBM Operations Analytics for z Systems (IOAz) Documentation updates IBM IBM Security zsecure Service Stream Enhancement for IBM Operations Analytics
More informationIBM Db2 Warehouse on Cloud
IBM Db2 Warehouse on Cloud February 01, 2018 Ben Hudson, Offering Manager Noah Kuttler, Product Marketing CALL LOGISTICS Data Warehouse Community Share. Solve. Do More. There are 2 options to listen to
More informationIBM Application Security on Cloud
April, 2017 IBM Application Security on Cloud Service Overview Security has and will always be about understanding, managing, and mitigating the risk to an organization s most critical assets. - Dr. Eric
More informationAligning with HIPAA mandates in healthcare
How IBM can help you develop a successful plan designed to meet security and privacy requirements Let s get started 3 Introduction 4 Aligning with other security frameworks 5 How IBM can help build and
More informationIBM SPSS Text Analytics for Surveys
Software Product Compatibility Reports Product IBM SPSS Text Analytics for Surveys 4.0.1.0 Contents Included in this report Operating systems Hypervisors (No hypervisors specified for this product) Prerequisites
More informationVanguard Configuration Manager Customization and Use
SECURITY & COMPLIANCE CONFERENCE 2016 Vanguard Configuration Manager Customization and Use Bruce Schaefer Manager, Mainframe Products (GRC) VSS-5 Legal Notice Copyright All Rights Reserved. You have a
More informationIBM United States Software Announcement , dated February 17, 2015
IBM United States Software Announcement 215-031, dated February 17, 2015 The IBM CICS Transaction Gateway V9.2 open beta offering enables continuous integration testing for JSON web services and all remote
More informationCA EPIC for z/vse. Release Notes. r5.2
CA EPIC for z/vse Release Notes r5.2 This documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is for your informational
More informationHealthcare Cognitive Security
Healthcare Cognitive Security Salwa Rafee WW Security Industry Leader, Healthcare & Life Sciences, Gov, Edu January 2018 Cybersecurity is a universal challenge By What 2020, our there customers will be
More informationRA/2 RACF CLI Version 1 - Release 1
RA/2 RACF CLI Version 1 - Release 1 Copyright racfra2.com 2008 All Rights Reserved Distributed by: SEA America Inc. SEA Europe EBM Inc. Ubiquity Pty Ltd Softplex Japan racfra2.com corp. TABLE OF CONTENTS
More informationIBM. PDF file of IBM Knowledge Center topics. IBM Operations Analytics for z Systems. Version 2 Release 2
IBM Operations Analytics for z Systems IBM PDF file of IBM Knowledge Center topics Version 2 Release 2 IBM Operations Analytics for z Systems IBM PDF file of IBM Knowledge Center topics Version 2 Release
More informationNotice on Names and Logos Used in This Presentation
Notice on Names and Logos Used in This Presentation NON-IBM PRODUCT AND SERVICE NAMES, LOGOS, AND BRANDS ARE PROPERTY OF THEIR RESPECTIVE OWNERS. ALL COMPANY, PRODUCT AND SERVICE NAMES USED IN THIS WEBSITE
More informationSecuring communication between SDS VA and its remote DB2 DB
Securing communication between SDS 8.0.1 VA and its remote DB2 DB IBM SECURITY SUPPORT OPEN MIC PRESENTATION Ramamohan T Reddy - Senior Software Engineer / L2 Team Tech Lead - Directory Support Team Brook
More informationWebSphere Commerce Developer Professional
Software Product Compatibility Reports Product WebSphere Commerce Developer Professional 8.0.1+ Contents Included in this report Operating systems Glossary Disclaimers Report data as of 2018-03-15 02:04:22
More informationModern Realities of Securing Active Directory & the Need for AI
Modern Realities of Securing Active Directory & the Need for AI Our Mission: Hacking Anything to Secure Everything 7 Feb 2019 Presenters: Dustin Heywood (EvilMog), Senior Managing Consultant, X-Force Red
More information