Subject matter experts will be available to answer your questions, which you can ask through web chat during the presentation. You can also submit them in advance at this URL.
You might also be interested in this
This integration also applies to the zSecure Adapters for QRadar SIEM. The complementary integration with zSecure Alert will be briefly mentioned.
This SSE for zSecure 2.2 provides the following benefits:
- filter commands to quickly zoom in to records of interest
- fast navigation to jump to RACF user and group details
- quick admin capability for TSO and UNIX properties
- enhanced e-mail configuration
- ability to configure large buffers 'above the bar' (64-bit exploitation)
These changes apply to one or more of the following components: zSecure Admin, zSecure Audit, and zSecure Alert.
Details can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
In this lab configuration guide, authors Smita Kale, Bosko (Boli) Popovic and Vladimir Jeremic walk you through how to set up the lab environment when demonstrating an integration use case.
The IBM Security products that are used to manage user activity on the network video focuses on using IBM XGS, Identity Manager, and Directory Integrator to control user access. The video is available at: http
The Lab Configuration Guide describes the configuration settings necessary for each of the IBM products used in the scenario that is demonstrated in the video. The video assumes that the initial setup was performed for the XGS, Identity Manager, and Directory Integrator products. This guide describes the configuration sets needed to enable the product integration for delivering the end user experience described in the video.
The configuration files needed for Identity Manager are also included, as well as the custom XGS adapter in a .jar package. All assembly lines are included.
To view the full Lab Configuration Guide, click here:
Check out this article from authors Jia Li Chen, Wei Wei Zhang, and Cheng-Yu Yu on how to retrieve deleted templates in AppScan.
In AppScan Enterprise, there are 14 default scan templates installed within the product. However, users may delete default templates in the console by mistake. Learn two methods to retrieve default templates in AppScan Enterprise.
An expert panel will host a Q&A session on all things Cognitive Security and Watson for Cyber Security.
The hangout starts today at 1:30-2:30 pm ET.
BigFix® customers are medium- and large- sized companies that use the product to manage mostly software and security of a certain amount of computers (that amount may vary from dozens to tens of thousands). Many of these customers requested a way to quickly collect information from their environments because BigFix has not been natively built to provide high response times, but rather, persistence and effectiveness. In the first quarter of 2016, the BigFix Rome development team worked on a solution that was able to fulfill these requests; this solution is BigFix Query. Read the tutorial here.
On October 1, 2015 IBM issued a Statement of Direction about providing 64-bit addressing support in IBM Security zSecure. This support has now become available as a Service Stream Enhancement (SSE) to zSecure 2.2.0.
64-bit addressing allows the use of memory above the 2GB "bar" implied by addresses consisting of only 31 bits. Besides allowing the program to store and retrieve larger amounts of data, this also frees up memory "below the bar" that can be used by (other) 31-bit addressing programs.
Typical functions in zSecure that benefit from having a lot of memory available include
- processing very large numbers of events from the SMF event log, e.g. as sent on to IBM Security QRadar SIEM;
- analyzing data for many security databases and LPARs at the same time;
- rule-based compliance analysis based on many underlying technical reports;
- analyzing large intervals (possibly a year or more) of access use data, e.g. to identify obsolete permissions.
The SSE also includes enhancements to 31-bit addressing support. Details can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
The changes apply to all components of zSecure for z/OS except for zSecure CICS Toolkit and zSecure Command Verifier. For the full benefits a z196 or newer hardware is required.
If you haven't already, watch videos from the IBM Security Summit. Highlights include a presentation by Ginny Rometty on the future of cognitive security.
What if you could build your own authorization proxy that could receive requests and check if they are authorized? It would mean that you could be in greater control of authorization. Read the tutorial on this fairly easy method of creating your own fine-grained authorization if you are not satisfied with your SaaS's authorization checks.
IBM Security Guardium® now has several enhancements that became available on June 3, 2016.
Among the enhancements for V10.1 are:
Read the tutorial for full details.
The figure below is just one of the new enhancements for this release, where administrators are able to see at a glance if there are issues in their managed environment and address them before they get worse.
Watch the tech talk here, which outlines the updates and enhancements.
You can also receive updates to IBM Guardium by signing up for the IBM
So many of us use mobile devices in our day-to-day lives; from business to personal, mobile security is an important topic to ensure that we can safely use our phones, tablets, and more. The ease and convenience of mobile devices comes a great cost:
"...mobility comes with a greater number of security risks and concerns than expected...and more IT resources are required to support the increased number of devices and applications."
This report is an anonymous survey and the findings show how mobile devices have changed security, how businesses are changing the ways that they work, and how they're trying to protect their data.
On February 16, 2016 IBM announced authentication enhancements for z Systems, including a new product IBM Multi-Factor Authentication for z/OS (5655-162), with a planned availability date of March 25, 2016.
IBM z/OS Security Server Resource Access Control Facility (RACF) provided enabling infrastructure updates for z/OS V2R1 and V2R2.
IBM Security zSecure suite provided supporting updates for zSecure 2.1, 2.1.1, and 2.2.
Multi-Factor Authentication raises the level of assurance of mission-critical systems by requiring authentication with multiple factors during the logon process.
Each authentication factor must be from a separate category of credential types:
1) Something you know (e.g. a password or PIN code),
2) Something you have (e.g. an ID badge or a cryptographic key),
3) Something you are (e.g. a fingerprint or other biometric data).
More details can be located through this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
You might also be interested in the zSec
Comment (1) Visits (1026)
Exciting news out of the #IBMSecuritySummit that signifies our journey into the era of #CognitiveSecurity – Watson for Cyber Security is a new version of Watson trained in the language of security and delivered via the IBM Cloud. http
Read the blog post over at IBM Security at http
You can read more about Cognitive Security here.
An assessment of recent data from IBM Managed Security Services (IBM MSS) reveals some interesting findings about attack vectors that don’t make headlines anymore: "Footprinting and Password Brute Force Attack Patterning."
IBM Security Guardium® leads the way in providing a monitoring and auditing solution for NoSQL database systems. In this article by Kathryn Zeidenstein and Sundari Voruganti, the authors provide an overview of one popular NoSQL database, Apache Cassandra, and explain how and why Guardium can help organizations protect Cassandra data and automate compliance reporting and sign-offs. This article includes detailed instructions and a sample security policy to help you configure Guardium and extract value immediately.