Z software Z security zSecure Alert IBM Security zSecure Alert
Secure your mainframe against information security threats with sensitive data monitoring, breaches and malicious activity detection, and compliance assurance.
background with blue dots
A Threat Detection and Compliance Solution for Your Z System

Whether IBM DB2, Linux on IBM Z Systems, or any of the supported databases, zSecure Alert identifies and secures operating systems by combining a threat knowledge base from your active configuration parameters. By comparing real-time activity with recent access patterns, zSecure Alert can uncover and report multiple types of attacks and configuration threats, including improper or privileged logons and failed logon attempts, changes that violate security policy, the addition or removal of system authority, suspicious activity on the UNIX subsystem, sensitive data resource information associated with data access and privileged user/group activity, even a lost zSecure Server connection.

Using CARLa Auditing and Reporting Language (CARLa) you can customize the alert reports for email, cell phone and pager delivery, as well as to your central security or network management console. You could even use zSecure Audit to demonstrate compliance with your industry’s security regulations. zSecure Alert also provides guidance on countermeasures to take when a threat is detected. It enables you to predefine and customize a countermeasure using IBM zSecure Admin, such as instantly revoking a user or shutting down an application when a certain security event occurs.

X-Force Threat Intelligence Index 2024

In 2023, 70% of cyberattacks targeted critical infrastructure industries. Check out the new report for deeper insight into attackers' tactics.

Threat detection for critical data

Predefined alerts enable you to quickly detect inappropriate actions or user behavior to provide you more efficient incident response.

Maintain data integrity

Unlike other products that detect threats from system management facility information, IBM zSecure Alert can detect malicious activity ― even when not recorded in the event log.

Drive down costs

Automated real-time compliance monitoring on the mainframe helps reduce your cost and exposure associated with failed audits or compliance.

Helps keep data secure

The ability to quickly diagnose and respond to exposures through closed-loop monitoring, intervention, and remediation enables you to intercept problems before they can damage your business.

Key Features
  • Sensitive data monitoring and threat detection
  • Broad range of monitoring capabilities
  • Guidance on countermeasures
  • Malicious activity detection
  • Fast, flexible alerts to information security threats
  • Modernize with IBM Cloud Pak for Security (Unified Console)
Feature spotlights
Sensitive data monitoring

zSecure™ Alert resides on the mainframe, monitoring IBM® z/OS®, IBM Resource Access Control Facility (RACF®), IBM DB2®, CA, ACF2, IBM Customer Information Control System (CICS®), IBM Information Management System (IMS™), IBM Communications Server, IBM Tivoli® Workload Scheduler, IBM Health Checker, Linux on IBM z Systems™ and UNIX subsystems. Combining a threat knowledge base with parameters from your active configuration, zSecure Alert identifies resources needing protection.

Read the documentation
Malicious activity detection

Unlike other products that only detect breaches from system management facility information, zSecure Alert can also detect malicious activity ― even if it is not recorded in the event logs. Comparing real-time activity with recent access patterns, zSecure Alert discovers additional threats.

Broad range of monitoring capabilities

zSecure Alert helps you detect multiple types of attacks and configuration threats, including improper or privileged logons and failed logon attempts, changes that violate security policy, the addition or removal of system authority, suspicious activity on the UNIX subsystem, sensitive data resource information associated with data access and privileged user/group activity or zSecure Server connection lost.

Fast, flexible alerts

Helping you provide more efficient incident response to prevent costly damage, zSecure Alert notifies you of changes, improper access events and security vulnerabilities. It produces alerts with CARLa Auditing and Reporting Language and can be customized for email, cell phone and pager delivery, as well as to your central security or network management console. It monitors critical system settings and sends alerts if changes are detected, and can also demonstrate compliance with regulations.

Guidance on countermeasures

zSecure Alert provides guidance on countermeasures to take when a threat is detected. It enables you to predefine and customize a countermeasure using zSecure Admin, such as instantly revoking a user or shutting down an application when a certain security event occurs. You can send Write to Operator messages to trigger automated operations or issue RACF commands autonomously. These countermeasures enable administrators to quickly diagnose and respond to failures or exposures.

Scalability for big data systems

V2.2.1 allows storage above the 2 GB boundary ("the bar") to enable processing of more data. Note that the ability to use more virtual memory can have implications for paging and real storage needs. This also frees up storage below the bar for other programs. With models z196 or higher, 64-bit addressing is activated automatically, though reverting back to 31-bit addressing is optional. You can select the program to run on the second panel of menu option SE.0 (SETUP RUN).

Read the documentation
I recently said to my manager, if you have to cut down costs, you can take away any tool from me, but please leave me zSecure Suite. Marcel Schmidt Assistant Vice President, z/OS Expert Mainframe Engineering Swiss Re
Expert resources to help you succeed
Product documentation

Find answers quickly in IBM product documentation.

Explore
Community

Get technical tips and insights from others who use IBM Security zSecure Alert.

Explore
IBM Redbooks

Complimentary, step-by-step guides for download and mobile.

Explore