IBM Z and LinuxONE Security and Compliance Center

Security and compliance with automation, monitoring and reporting
Person using computer in server room

Streamline compliance for your mainframe

The IBM Z® Security and Compliance Center (zSCC) is a microservice that gathers compliance data from IBM software and products on IBM Z and LinuxONE platforms to simplify audits, saving time and effort.

Read IBM zSCC solution brief Read IBM LinuxOne SCC solution brief
Time and resource savings

Reduce audit prep to one week from one month, lowering team involvement by over 40%.

Continuous monitoring

Keep automating current tracking despite regulatory drifts, using a unified compliance dashboard.

Process standardization

Simplify processes and prevent misinterpretation of regulations by inexperienced users.

Increased visibility

Automate data collection and validation to enhance compliance oversight visibility.

X-Force® Threat Intelligence Index 2024

Data theft and leaks accounted for 32% of the impacts of cyberattacks in 2023. Check out the new report to learn how to best safeguard your people and data.

Read the report

Use cases

Two office colleagues standing at a filing cabinet and looking at a laptop while discussing work together.
Enable continuous compliance

Translation of regulations to IBM Z and LinuxONE-specific controls add clarity. A centralized, interactive dashboard displays baseline standards. Time-stamped evidence can be captured for a variety of industries.

Mature businessman leading project discussion with coworkers in office
Control and track success

See how your new or changing business requirements could affect regulation compliance. Clear, jargon-free mapping to the regulations helps you control your business’ infrastructure.

Working in group
Streamline compliance

See how different regulations overlap or differ when it comes to security controls. You can automate the data-gathering process to save time and effort.

IBM Power System E1080 (9080-HEX), server rack
Track compliance over time

Quickly gather trustworthy evidence that is time-stamped, immutable and from a clear source. Compliance is shown over time, not just a snapshot, with a tool that “runs silently".

Two business colleagues looking at a dual monitor setup in a large and modern office space discussing technical issues together.
Save time and money through compliance automation

Attempting to maintain your mainframe compliance manually, in an antiquated, periodic, labor-intensive process is not worth the risk. Automation of compliance preserves budget and staff focus.

Two office colleagues standing at a filing cabinet and looking at a laptop while discussing work together.
Enable continuous compliance

Translation of regulations to IBM Z and LinuxONE-specific controls add clarity. A centralized, interactive dashboard displays baseline standards. Time-stamped evidence can be captured for a variety of industries.

Mature businessman leading project discussion with coworkers in office
Control and track success

See how your new or changing business requirements could affect regulation compliance. Clear, jargon-free mapping to the regulations helps you control your business’ infrastructure.

Working in group
Streamline compliance

See how different regulations overlap or differ when it comes to security controls. You can automate the data-gathering process to save time and effort.

IBM Power System E1080 (9080-HEX), server rack
Track compliance over time

Quickly gather trustworthy evidence that is time-stamped, immutable and from a clear source. Compliance is shown over time, not just a snapshot, with a tool that “runs silently".

Two business colleagues looking at a dual monitor setup in a large and modern office space discussing technical issues together.
Save time and money through compliance automation

Attempting to maintain your mainframe compliance manually, in an antiquated, periodic, labor-intensive process is not worth the risk. Automation of compliance preserves budget and staff focus.

Stay compliant and secure with IBM Z. Learn more about prime security with Linux on IBM Z and LinuxOne.

Related products

IBM® zSecure Audit

Measure and verify the effectiveness of your mainframe security policies and security compliance.

Learn more
IBM Cloud® Security and Compliance Center

Automate and centrally manage your organization’s compliance to regulatory and internal standards.

Learn more
Resource Access Control Facility

Protect your mainframe resources with tools that manage and control access to valuable z/OS® data.

Learn more
Discover other IBM Z security products

Explore a broad portfolio of IBM Z security products.

Explore now

Frequently asked questions (FAQ)

The IBM Z Security and Compliance Center can be deployed from z15 or z16®. In addition, it can be deployed natively on LinuxOne. IBM Z Security and Compliance Center can collect data from any system running z/OS 2.4 version or newer.

Yes, this solution requires the use of OpenShift® Container Platform on Linux on IBM Z. Additionally, we now support IBM zCX Foundation for Red Hat® OpenShift (for native z/OS deployment).

Yes, if you are running z/OS 2.4 or later.

The initially available version of the IBM Z Security Compliance Center will feature predefined 1-to-1 mappings of IBM Z controls to requirements specified in the following standards.

  1. PCI DSS v3.2.1 
  2. NIST SP800-53
  3. CIS Benchmarks

Additional standards will be considered in the future based on user feedback.

Yes, you can create your own profiles and groups of controls using a selection of hundreds of technical checks that the IBM Z Security Compliance Center can perform out of the box. You can also import an extensive set of predefined mappings as a basis for your security procedures.

Through this process, the application may be used to prepare your organization for regulatory frameworks not covered by initially available predefined mappings, as well as for internal requirements that are specific to your organization.

Yes, for z/OS systems you can select which LPARs will be in the scope of your scan.

The IBM Z Security Compliance Center automates the collection of compliance relevant data on IBM Z and Linux on IBM Z.

The application contains predefined 1-to-1 mappings of security controls written for IBM Z components (such as RACF, Db2, IBM CICS, IBM IMS, and IBM MQ) to requirements from regulatory frameworks (such as PCI DSS). These mappings were defined by the IBM Z Security team and have been validated with auditors.

Additionally, the solution includes an interactive, customizable dashboard displaying the security controls validated for each requirement, as well as which resources passed and failed. The solution also reports on compliance drift: how compliance posture has changed from one point in time to another.

Yes. You can view detailed scan results in the IBM Z Security Compliance Center dashboard, or a report generated by the application.

For each technical check, you can view a list of all the IBM Z resources that have passed and failed across multiple sysplexes.

You may also view the logic of each scan performed by the application to see exactly what it checked.

The IBM Z Security Compliance Center is equipped with a microservice which sends an ENF signal to all compatible IBM Z components, triggering them to generate compliance data in an enhanced SMF record that has been custom built for this application.

Take the next step

Streamline your compliance. Schedule a no-cost 30-minute meeting with an IBM Z and LinuxONE representative and start your deployment process effortlessly in just five easy steps.

Start your journey today
More ways to explore Community Blog Services Support Documentation Partners