Naples, FL (PRWEB) August 02, 2017
CorreLog, Inc., the leader in multi-platform IT security event log management, today announced new releases of its mainframe SIEM (Security Information and Event Management) products, zDefender™ for z/OS and dbDefender™ for IMS. zDefender™ v. 5.7.3 comes out-of-box with SMF event enhancements for privilege escalation detection, and will be demonstrated in booth #311 at SHARE Providence 2017 throughout expo hall hours.
The new release of dbDefender™ for IMS ships with enhanced real-time monitoring for privileged user logons and logoffs, as well as tracking for users viewing and accessing IMS datasets. The conference will take place August 6-11, at the Rhode Island Convention Center in Providence, Rhode Island.
“There’s too much critical enterprise data on z/OS to take vulnerabilities like user privilege escalation lightly,” said George Faucher, president and CEO of CorreLog. “Malicious users cannot be permitted to run amok with the keys to the mainframe kingdom, and this release of zDefender™ notifies appropriate personnel at the SOC when users escalate their permissions for access to the organization’s most sensitive data.”
Privilege Escalation Detection with zDefender™ for z/OS Ver. 5.7.3
Among the more consequential forms of cyber-attack, a successful privilege escalation attempt can bypass the limitations of assigned user permissions and open entire systems – including financial and personal identity files – to cyber-criminals. zDefender™ for z/OS v. 5.7.3 implements a mechanism for detecting a certain privilege escalation technique on the mainframe in which an attacker maliciously changes the in-memory privilege bits of his/her executing process, thereby granting himself/herself additional z/OS privileges.
z/OS does not natively produce an audit trail for this action, but CorreLog’s zDefender™ for z/OS can detect escalated privileges when initiated by a user and, in real time, send the event message to any name-brand SIEM or IT SOC (Security Operations Center) for high-priority alerts and quick remediation. Alerts can also be sent to zDefender™ Visualizer, CorreLog’s lightweight browser-based mainframe SIEM system.
dbDefender™ for IMS, Ver. 2.7.3 New Release
dbDefender™ for IMS ver. 2.7.3 extends data access monitoring to IMS datasets, with enhanced tracking for user logon/logoff records. The solution forwards IMS security event data to any name-brand SIEM, IT SOC, or zDefender™ Visualizer in real time, enabling up-to-the-second security visibility and alerts in preferred formats such as SMS text or email.
CorreLog Speaking Sessions at SHARE Providence 2017
Additionally, Charles Mills, CorreLog’s Director of Advanced Projects, will host a breakout speaking session at SHARE Providence 2017 titled “Cybercrime Fighting for Mainframe Superheroes – A Holistic Approach.” The presentation will help educate attendees on how to leverage the tools their organization already has in place to extend real-time security visibility to their mainframes.
- What: “Cybercrime Fighting for Mainframe Superheroes – A Holistic Approach”
- Where: Room 552A/B | Rhode Island Convention Center in Providence
- When: Wednesday, August 9, 10:00 – 11:00 a.m., local time
- Who: Charles Mills | CorreLog Director of Advanced Projects
- Session #: 21220
- Tracks: Enterprise Data Center; Security and Compliance
CorreLog will also host a Vendor Sponsored Presentation on Monday, August 7, from 5:30 – 5:40 p.m. in the Tech Talk Corner of the SHARE booth, #130. Interested attendees will have the opportunity to continue speaking with CorreLog following the 10-minute presentation at CorreLog booth #311.
“We look forward to hosting a breakout and demonstrating this new release of zDefender™ at SHARE in Providence this year,” added Faucher. “It’s dangerous to not include real-time mainframe events in your SIEM, and I’m amazed at how many organizations are still using batch reports for their most important system.”
SHARE is an independent volunteer-run information technology association that provides education, professional networking, and industry influence. SHARE is headquartered in Chicago, Illinois, and more information about SHARE can be found at Share.org.
CorreLog, Inc., a privately held corporation, is an independent software vendor (ISV) that has produced software and framework components used successfully by hundreds of private and government organizations worldwide. Our core solutions provide visibility across both mainframe and distributed systems on user activity that is indicative of cyber threat. Since 2008, CorreLog, Inc. has been committed to delivering better decision-support solutions for InfoSec and security auditing professionals who need more advanced perimeter security and improved adherence to PCI DSS, HIPAA, SOX, IRS Pub. 1075, FISMA, NERC and other industry standards for securing data. Our solutions are designed to be highly interoperable and complementary to clients’ existing IT investments.
CorreLog zDefender™ holds certified integrations with IBM, HP, McAfee, Micro Focus, (EMC) RSA Security Analytics, and field integrations with all other brand-name SIEMs. We consider our technology approach to be unique in both personnel and product and we believe our solutions pass the test of low total cost of ownership with high SIEM functionality. For more information on CorreLog products, please visit http://www.CorreLog.com.
Copyright © 2017, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.