CorreLog, Inc. Issues Guidelines for Extending Windows-/UNIX-SIEM visibility to Include z/OS event messages for Enterprise End-to-End Real-time IT Security and Compliance
(PRWEB) June 26, 2018 -- Naples, FL, June 26, 2018 – CorreLog, Inc., the leader in multi-platform IT security event log management, today announced the issuance of its guidelines to assist organizations with broadening the scope of Windows- and UNIX-based SIEM technology to include real-time visibility for z/OS security and compliance event messages. The paper, titled “Real-Time Mainframe SIEM 101,” explores the “two worlds of IT” – mainframe and distributed platforms – and how they have developed in separate contexts, cultures, IT infrastructures, coding languages, user interfaces, and human resources dating back to the 1960s.
Mainframe computers have for decades been, and will continue to be, an essential tool in data processing and are traditionally viewed as reliably secure. However, the systems mainframers use for security monitoring are completely different IT platforms, and the result is that mainframe security is handled in one basket while enterprise security for the distributed systems resides in another. The problem with this approach is that mainframes are not the isolated platforms they once were, and every day mainframe connections move closer to the internet, processing billions of online transactions.
“In a large enterprise, z/OS is generating millions of event messages of user activity a day and if you’re not receiving these messages in real time with event correlation technology to detect anomalous behavior, you’re leaving yourself handicapped to detect potential breaches as they occur,” said George Faucher, founder and CEO at CorreLog. “We all agree that breach is inevitable, and the key is immediate discovery and then plug the data exfiltration. The problem continues to be lack of integration of your mainframe data into your Windows or UNIX SIEM in real time. We have seen this recurring problem over the years and have developed some guidelines for managing mainframe events alongside distributed log data in a single console.”
NEW Whitepaper: ‘Real-Time Mainframe SIEM 101’
In 2017, the average time it took to identify a breach was 191 days, according to the Ponemon Institute & IBM’s 2017 Cost of Data Breach Study. Today, just one minute of unmonitored mainframe activity could equate to an enormous amount of lost data. Consequently, this whitepaper is designed as a launch pad for organizations seeking an overview on:
• The basic benefits of SIEM across all platforms, and its importance for maintaining security and compliance – this is a critical component of enterprise SIEM with the recent launch of the GDPR
• Examples of confirmed z/OS breaches, and how current SIEM products can be extended cross-platform for real-time z/OS event messages
• What z/OS facilities and subsystems to monitor, log, and send to a SIEM system or Security Operations Center (SOC)
• Four tips for building out your mainframe SIEM strategy
CorreLog zDefender™ for z/OS for Real-Time Event Message Logging and Correlation
CorreLog has designed agent-based solutions to collect and forward z/OS events to organizations’ existing distributed SIEMs or SOCs for real-time security visibility, including audit trails for compliance with PCI DSS, FISMA, the GDPR, HIPAA, IRS Pub. 1075, GLBA, SOX, ISO 27001, and other data security standards. These solutions monitor z/OS events in real time with little impact on system resources, and roll up z/OS security events and audit trails into a single view within an IT SOC.
For more information about CorreLog’s agent-based mainframe security solutions, visit its Mainframe SIEM Solutions overview page here.
About CorreLog
Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, the GDPR, ISO 27001, IRS Pub. 1075, NERC and other industry standards for protecting data. Our solutions are designed to be complementary to clients’ existing IT investments.
CorreLog specializes in providing the most comprehensive Security and Compliance software at the industry’s lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems and provide alerts with notifications in real time to security and network operations resources. CorreLog has worked with companies from Fortune 500 to SMB class, who all benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master, out of the box. Our customers are up and running with monitoring and alerts within just a few hours, versus weeks or even months with competing enterprise vendor solutions. Our software agent monitoring technology spans from Windows, Linux, UNIX, Mac, SAP, and databases all the way up to the largest mainframes running IBM® z/OS®, Linux on z Systems, IBM® Db2, IBM® IMS™, and IBM® z/VM.
CorreLog has installed software and framework components used successfully by hundreds of commercial and government organizations worldwide. Our core solutions provide visibility on privileged-user activity, data integrity, FIM and application activity that may hold evidence of cyber threat, and in real time, we notify security personnel with alerts in accordance with compliance standards. For more information on CorreLog, please visit CorreLog.com.
Copyright © 2018, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.
Press Contact:
Tony Perri, CorreLog Marketing and PR
Office: (239) 514-3331, ext. 406
tony.perri(at)correlog.com
Tony Perri, CorreLog, Inc., http://www.correlog.com, +1 (877) 267-7356 Ext: 422