Naples, FL (PRWEB) July 23, 2014
CorreLog, the leader in multi-platform solutions for IT security event log correlation, today announced that it will be promoting its security solutions for z/OS technology at SHARE in Pittsburgh, August 3-8, at the David L. Lawrence Convention Center. CorreLog will exhibit from booth #506 in the Expo Hall and will feature its new release of the CorreLog Agent for IBM z/OS (CZAGENT) version 5.5.0.
SHARE in Pittsburgh attendees who stop by the CorreLog booth will receive a complimentary IT security and compliance whitepaper. The whitepaper, 11 Guidelines for minimizing vulnerability for IBM z/OS, provides guidelines for securing z/OS data and outlines steps to comply with standards set forth by PCI DSS, HIPAA, Sarbanes-Oxley, IRS Pub. 1075 and many others.
CZAGENT converts mainframe SMF data to distributed syslog format for real-time transmission to Security Information and Event Management (SIEM) systems such as IBM QRadar (certified integration), HP ArcSight (certified integration), Splunk, and McAfee ESM. With CZAGENT, IT security analysts are now able to view mainframe event data alongside distributed syslogs in their SIEM application as the data is generated, with no additional software utility needed to process the z/OS data to SIEM format. CZAGENT completes the conversion within the LPAR it is installed on and transmits the syslog files to the SIEM program in real time through an encrypted connection. The CorreLog mainframe agent is a key component in industry segments such as banking/finance, retail, healthcare, and government where IBM z/OS technology is leveraged to manage and protect large volumes of sensitive intellectual property and customer data.
“No enterprise can be completely secure from cyber-threat without knowing in real time the secure state of their mainframe data,” said George Faucher, CorreLog CEO and president. “The SIEM market is crowded with Windows-based technologies that are excellent but there continues to be a large gap separating these systems from mainframe systems because of different data formats. CZAGENT narrows that gap by providing a real-time view of mainframe event data alongside real-time SIEM system data.”
CorreLog CZAGENT allows users to select from a myriad of events including RACF violations, TSO logons, production job ABENDs, TCP/IP connections, FTP activity, and DB2 accesses. Within these parameters, security systems admins may filter events further by sub-categories and receive only the data relevant to security threats. This filtering capability streamlines data flow to SIEM systems without compromising network bandwidth.
At SHARE Pittsburgh, CorreLog will also feature dbDefender for DB2. dbDefender provides real-time DB2 data to SIEM systems for real-time, enhanced visibility to z/OS user activity. dbDefender’s DB2 monitoring capabilities include:
- Privileged user monitoring
- Auditing of invalid logical access attempts
- Auditing the creation and deletion of system-level objects
- Additional auditing of DB2 Utilities, DDL statements, DB2 console commands, DB2 object access, and other user activity linked to DB2.
Both CorreLog CZAGENT and dbDefender™ operate within the constraints of increasing compliance regulations such as PCI DSS, FISMA, HIPAA, NERC and Sarbanes-Oxley. For more information on CorreLog solutions for IBM mainframes, please visit http://correlog.com/products.
More information on SHARE in Pittsburgh can be found at http://www.share.org/Pittsburgh
CorreLog, Inc. is the leading independent software vendor (ISV) for IT security log management and event correlation spanning both distributed and mainframe platforms. CorreLog's flagship products are CorreLog Server™, CZAGENT™, and dbDefender™. CorreLog Server leverages its unique correlation engine that manages user/system event logs through Syslog, Syslog-NG, and SNMP protocols. CZAGENT converts mainframe SMF data to distributed syslog format for real-time transmission to security information and event management (SIEM) systems. dbDefender provides real-time RACF data to SIEM systems for real-time, enhanced visibility to z/OS user activity.
For auditing and forensics, CorreLog solutions facilitate regulatory requirements set forth by PCI DSS, HIPAA, Sarbanes-Oxley, IRS Pub. 1075, FISMA, NERC, NCUA, and many other standards. CorreLog markets its solutions through both direct sales channels and indirect partner channels. For more information on CorreLog products, please visit http://www.correlog.com/library.