Mainframe Security | Presentations to
Help Keep Your Mainframe Secure


Here are the latest z/OS security presentations, webcasts, white papers, slide shows and videos. These resources should help guard against breaches and protect your organization’s mainframe and the critical data inside.


The very latest z/OS security presentations are conveniently listed here. These white papers, slide shows and webcasts were released between 2011 and 2015 and are listed in reverse chronological order. New mainframe security presentations will be available here just as soon as we find them.

If you’re ever wondering why there’s a need for all these mainframe security presentations in the first place, visit our home page where we’ve listed the latest mainframe breaches and threats. Mainframes can be hacked; proper security solutions and protocol must be in place to prevent that from happening to your organization!

For those looking for mainframe security articles, visit our mainframe access, network security, encryption or mainframe compliance and monitoring sections. Enjoy the following z/OS security presentations.

 

Security Information Event Management – SIEM for z/OS Webinars

There are several webinars focused on SIEM for z/OS on this page. One was recorded in March 2015 and included Bob Thomas and Stu Henderson, two prominent mainframe security experts. SIEM, Security Information and Event Management, is used by many organizations as an excellent monitoring tool, but the mainframe isn’t typically included. Adding z/OS monitoring to SIEM makes it a more comprehensive monitoring solution; this and much more are discussed in this SDS webinar.

Security Information Event Management – SIEM for z/OS Webinars

 

E-Business Server – z/OS Encryption Webinars and White Papers

E-Business Server is a world-class z/OS encryption technology with iron-clad security. This solution utilizes OpenPGP encryption to secure data at rest. Once encrypted, the data is completely safe and can be moved or stored without any further encryption methods required. Many Fortune 500 companies utilize E-Business Server every day. SDS is now distributing, offering support and developing new features for E-Business Server. This page contains several webinars and white papers that describe the benefits of using E-Business Server to secure data on System z mainframes.

E-Business Server – z/OS Encryption Webinars and White Papers

 

z/OS FTP Security Videos & Slide Shows – VitalSigns for FTP

For a slew of webinars and slide shows on z/OS FTP server security, this is a wonderful resource. If securing data is a priority of your organization, securing data in transfer should be a main concern. First, find out why and how your FTP is vulnerable and at risk. Then, several solutions for true z/OS FTP security are examined. Because mainframe FTP is a potential z/OS security nightmare, actions are needed to rectify this impending doom. By visiting this page, you’re taking a powerful first step towards achieving FTP server security and tighter z/OS security.

z/OS FTP Security Videos & Slide Shows – VitalSigns for FTP

 

Managed FTP for z/OS – Automation * Auditing * Security * Monitoring

File Transfer Protocol (FTP) is being used more and more within z/OS environments and with that usage, there are new risks. There needs to be some management to the FTP facility to keep the system both secure and compliant while keeping all the data secure. This is one part of z/OS security that hasn’t been around forever, but nonetheless needs to be addressed. This white paper does an excellent job explaining the need for FTP management and the potential for devastating effects if left untouched.

Managed FTP for z/OS

 

Everything you wanted to know about mainframe security, pen testing and vulnerability scanning .. But were too afraid to ask!

This is the first of a great 7-part series of presentations about mainframe security issues and vulnerabilities. This particular presentation provides an overview along with information related to penetration testing and examples of several mainframe breaches.

There are risks to every mainframe; penetration testing can help mitigate these risks. Penetration testing is essentially ethical hacking done by the “good guys” to find potential security flaws within a mainframe. Penetration testing is important and so is having a solid monitoring tool to thwart any malicious activity before it gets out of hand.

Everything you wanted to know about mainframe security, pen testing and vulnerability scanning.. (Part 1 of 7-part series) by Mark Wilson

 

Top 12 Mainframe Security Exposures and Lessons From A Real Mainframe Break-In

The title says it all here: the top 12 mainframe security issues and exposures are explored. That’s a lot, but there could be even more vulnerabilities within any mainframe. Some great bullet points are provided that could get your shop thinking about new weaknesses that should be shored up. From “MVS Integrity Exposures” to “Excessive Defaults and Privileges” to JES, Tape and DB2 security, there are quite a few components within any mainframe system that need protection. Mainframes will never be secure unless the proper solutions are implemented and everything is looked after by experts.

Top 12 Mainframe Security Exposures and Lessons From A Real Mainframe Break-In by Stu Henderson

 

The State of Mainframe Security – or Lack Thereof

This presentation provides a nice mix of high-level strategic plans and strategies related to keeping the mainframe secure along with more technical expertise. There is a section of “low-hanging fruit” problems the presenters see often. These things will improve the security of your mainframe system with relatively little work, but are issues that must be looked after. The mainframe is not inherently secure and a plan to keep it secure should be in place. These slides provide some examples of mainframe hacks along with plenty of tips to avoid them from happening to your organization.

At the end, they suggest many solutions for a more secure mainframe: self assessment, professional assessment, set standards, lock down privileged users, active monitoring, testing and validation, training, security software and more. Monitoring software is an important part of any mainframe security plan as it can look after malicious hackers on the outside and it’ll mitigate risks of an insider doing harm.

The State of Mainframe Security – or Lack Thereof by Mark Wilson and Brian Cummings

 

The Myth of Mainframe Security

This presentation goes through the history of mainframes and mainframe security. Perceptions about mainframe security have evolved over the last couple of decades and these slides provide an overview of this. Along with previous notions of how secure mainframes were, current issues facing those trying to keep their mainframe secure are looked into. This is a great, high-level discussion that’s definitely worthwhile for everyone involved with mainframes. From yesteryear’s “mainframes are impenetrable” myths to today’s “mainframes are securable” thought process, keeping mainframes secure is as important today as it’s ever been.

From the presentation: “There are many who combatively hold the belief that the mainframe z/OS system is inherently secure. More recently, we hear the pundits changing the tune saying that it is the ‘most securable’ platform. This change recognizes that z/OS customers may undermine the z/OS security capabilities through their system and sub-system configurations, and how they implement their external security manager.”

The Myth of Mainframe Security by Mark Wilson and Glinda Cummings

 

Hacking Mainframes; Vulnerabilities in applications exposed over TN3270

This presentation from Derbycon 2014 exposes some vulnerabilities of z/OS mainframes applications introduced by the TN3270 protocol. It provides some good information about mainframe applications, networking and possible flaws. These flaws present themselves within “applications running within the two most popular transaction managers (CICS and IMS) as well as one of IBM’s own applications.”

It shows the mainframe is connected, more connected than many people believe it is, and because of that, there is potential for being attacked or hacked. This could lead to untold disaster and is something most of us wish not to think about; however, it’s definitely best to think about it before it happens to your organization. For any flaws or vulnerabilities, there are software solutions that will help eradicate them and fully secure your mainframe.

Hacking Mainframes; Vulnerabilities in applications exposed over TN3270 by Dominic White

 

Mainframed: The Secrets Inside that Black Box

This is a great mainframe security webcast (was originally a Google Plus Hangout presentation) that provides basic information about the mainframe in relation to mainframe security. Some more advanced content like penetration testing and hacking is explored. Mr. Young does an excellent job discussing mainframe security concepts. It’s definitely worthwhile for anyone charged with securing a mainframe. Following him at any of his social media accounts (@mainframed767 on Twitter or at Tumblr) is also worth it. FYI, if you like this video tutorial, there are plenty more on YouTube.

Mainframed: The Secrets Inside that Black Box by Phil Young

 

z/OS Ethical Hacking Vulnerability Scanning & Pen Testing

These slides provide a nice overview of z/OS penetration testing. This ethical hacking has the potential to find the security holes and lapses within the system before a malicious hacker does. Penetration testing is one way to find a system’s vulnerabilities. Another is vulnerability scanning, which is also described in this slide show presentation. There are pros and cons to both of these methods, which should be used alongside many other security solutions and software. Without any of these solutions in place, a vulnerability scan would yield so many potential issues, it would defeat the purpose. The bottom line is, mainframes can be hacked, from the inside or outside, and a security plan, along with a set of solutions, is needed to achieve a fully secure mainframe.

z/OS Ethical Hacking Vulnerability Scanning & Pen Testing by Mark Wilson

 

Compliance: How to Manage (Lame) Audit Recommendations

This z/OS security slideshow provides some great recommendations to deal with all types of auditors and to get the most out of the entire audit process. Ideally, an enterprise-wide risk management program can be used during the process so an assessment can be made to spend time and energy in the places securing the important holes rather than partaking in a “wild goose chase” with no benefits even if the goose is caught!

Compliance: How to Manage (Lame) Audit Recommendations by Brian V. Cummings

 

z/OS Communications Server Network Security Overview

This is a thorough z/OS security presentation covering quite a bit of great network security information. All of the roles and objectives of z/OS communications server security are explored along with many operational deployment tips. There are also some excellent workflow diagrams and other visuals that fit well within the slideshow. This is a great z/OS security source for just about everyone to flip through.

z/OS Communications Server Network Security Overview by Lin Overby

 

Integrated Intrusion Detection Services for z/OS Communications Server

This z/OS security slideshow is entirely related to intrusion detection. “z/OS Communications Server provides an integrated Intrusion Detection Services (IDS) for TCP/IP” and here, all this is described along with how the IDS can be used to detect all intrusion attempts against the z/OS. This is a great study to gain more understanding of intrusion detection as a whole and IDS in action.

Integrated Intrusion Detection Services for z/OS Communications Server by Lin Overby

 

z/OS Communication Server IPSec and IP Packet Filtering

z/OS IP security is the focus and there’s quite a bit of useful information and actual operational help. There are plenty of visual workflow diagrams and processes to explain how IP security (IPSec) fits into an entire z/OS security plan. The highlight here is the information provided to enable the deployment of a “z/OS-based IP packet filtering and IPSec solution” and general concepts, scenarios and deployment requirements related to IPSec and packet filtering.

z/OS Communication Server IPSec and IP Packet Filtering by Lin Overby

 

Securely Isolating and Segmenting Traffic across Shared OSA Ports

This lengthy presentation provides great basic information regarding the idea of segmentation and how it fits into an entire z/OS security plan. There are also plenty of real-world examples and details on a number of relevant topics. Outbound and inbound routing with shared OSA ports, OSA IP address registration, segmenting traffic across a shared OSA port and help using ISOLATE make up the major sections of this slideshow.

Securely Isolating and Segmenting Traffic across Shared OSA Ports by Gwen Dente

 

Crypto and Disaster Recovery

This z/OS security slideshow first explains clear key processing, secure key processing and CPACF (CP assist for cryptographic function) protected key- key wrapping. Beyond that, the disaster recovery environment is explored, mainly focusing on how to restore both master keys and encrypted tape drives. Also, the TKE (trusted key entry) in regards to backup and recovery of keys and files is examined.

Crypto and Disaster Recovery by Greg Boyd

 

PCI Compliance Without Compensating Controls – How to Take Your Mainframe Out of Scope

z/OS security and compliance in regards to the Payment Card Industry Data Security Standard (PCI DSS) are explored here. First, the many possible security risks and threats related to an entire system’s different layers and some general concepts and ideas to keep data fully secure are examined. More importantly, many ways to protect data, namely encryption and tokenization, are not only explained but working examples and models for securing data are given.

PCI Compliance Without Compensating Controls – How to Take Your Mainframe Out of Scope by Ulf Mattsson

 

Securing Data in a Cloud Environment

This z/OS security slideshow focuses on securing data in a cloud environment by first breaking down the possibilities of doing so. Both encryption and data tokenization are explained and then the different encryption and tokenization approaches and solutions are evaluated. Then, the cloud environment is brought into the discussion and the different options are tried out in theory. There’s no question: if the cloud is to be used in any way, there needs to be a way to fully secure the data in that environment and this is a great start to that discussion.

Securing Data in a Cloud Environment by Ulf Mattsson

 

SNA Mainframe Security – Because SNA Isn’t Hacked, Instead It Is Infiltrated

There are many vulnerabilities within the SNA mainframe and they set the stage for this z/OS security white paper. The potential for being infiltrated is great and what is currently being used by the “bad guys,” who are actually quite smart programmers most of the time, to get into SNA mainframe applications are SNA-specific and SNA-based and are designed to interact with VTAM on a peer-to-peer basis. There’s a lot more useful information here regarding SNA threats and possible solutions to keep your system secure and free of unwelcomed guests.

SNA Mainframe Security – Because SNA Isn’t Hacked, Instead It Is Infiltrated