Everyone is aware that non-mainframe platforms have vulnerability issues. There are a multitude of ways to compromise these platforms as well as the data residing on these platforms. Corporations blissfully assume that the IBM mainframe is immune to similar cyber-attacks. While we believe z/OS is a secure platform, it is still susceptible to vulnerabilities that could allow your user community the ability to compromise your z/OS systems and data. This represents a serious flaw in your mainframe security implementation as well as reputational damage and compliance violations.
Vulnerability scanning and penetration testing is hardly done for non-mainframe platforms and networks. However it is not currently an accepted practice to perform similar audits on z/OS systems. That is starting to change, due in part to; Advanced Targeted Threats, Industrial Espionage, Zero-Day exploits and the creation of new compliance regulations by the United States and other governments.
This presentation will provide a best-practices overview of the need for advanced z/OS Vulnerability Scanning and the related Security Management issues, which are required to fully maintain the system integrity and security of the z/OS platform.
↧