A New Dimension in Integrity Monitoring

Share Article

Catch hackers before they cause damage

Today MainTegrity Inc. announces a new dimension in intrusion detection for IBM Z mainframes and other platforms. Classic security measures like access control and event logging, although valuable, have proven to be an incomplete solution for thwarting hackers intent on the theft or destruction of valuable assets. MainTegrity delivers real-time verification that applications and sensitive control members identically match the desired configuration. Using File Integrity Monitoring (FIM) techniques, MainTegrity detects unauthorized changes with absolute clarity. Potential threats are identified in a fraction of the time previously required by comparing the active versions in use to trusted levels stored in a secure vault.

With existing security solutions failing to protect organizations from the theft of customer data, credit card numbers, and intellectual property; risk managers are now coming to terms with the serious damage that can take place. In addition to direct attacks, ransomware such as Petya, WannaCry, or Bad Rabbit are becoming increasingly prevalent.

Actual financial impact is bad enough but damage to corporate and personal reputations can be even more harmful. As a result, security experts are demanding more penetrating solutions that can extend the service provided by conventional tools and ensure their organizations have not been compromised. Regulators are also showing that penalties for data breaches are becoming more severe. Standards like PCI-DSS, HIPPA and the EU’s new GDPR are all being strengthened to require enhanced security techniques like encryption FIM to avoid prosecution.

For mainframes, the first line of defense has always been access and identity control provided by well-known products like IBM’s RACF, CA-ACF/2 and CA-TopSecret. Unfortunately, these products are only as good as the people using them with many still running default configurations, outdated encryption, or weak password requirements. Furthermore, information is increasingly available through social media and the Internet of Things (IoT), greatly improving the efficacy of phishing and password sniffing. The reality is that large corporations experience credential theft almost daily.

Event logging is essentially scrutinizing every action on all devices across the network in hopes of identifying indicators of compromise (IOC). Although a necessary practice, this requires searching through millions of records hoping to identify suspicious activity – a slow and tedious process at best.

By contrast MainTegrity simply monitors selected software and files for alteration. If there are no changes then an all clear record is written. If something has been modified ServiceNow, Remedy other tools can be checked to see if this is an authorized change. In all other cases a problem is reported and corrective action can be started immediately. In this way MainTegrity can also identify 0-day threats that have never been seen before.

Al Saurette, security partner at MainTegrity says “Our objective in building a new tool for the mainframe was to build a product that could produce immediate results, install in an hour and provide a new level of oversight on exposures in your enterprise. Extension of this detection to Windows, Unix and Linux platforms is a logical next step”.

About MainTegrity - MainTegrity Inc. is focused exclusively on improving IT Security by identifying software changes and reporting all discrepancies via SIEM and other means. Both malicious attacks and accidental changes by authorized users are detected ensuring strict compliance with control environment. MainTegrity provides a new level of tamper resistance combined with improved compliance with security standards.
For more information please contact:

Al Saurette                        
MainTegrity Inc.        
Ph: (720) 464-5397
Info(at)MainTegrity(dot)com

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Allen Saurette
MainTegrity Inc
+1 (720) 464-5397
Email >
Visit website