zSecure Audit helps you extend and enrich the existing Z Systems security (IBM RACF, CA ACF2, or CA Top Secret) by enforcing and enhancing security policies in repeatable, sustainable, and automated fashion. These automated reports also help you quickly locate vulnerabilities and compliance issues in strict security compliance environments such as for the Payment Card Industry Data Security Standard (PCI DSS), Security Technical Implementation Guide (STIG) and other similar standards
zSecure Audit can email customizable reports daily when specific events occur or when there is a potential security breach. Audit events and user access logs generated by IBM security management tools can be populated within Security Information and Event Management (SIEMs) tools such as IBM QRadar for normalization and compliance reporting.
Avoid needless expense with a broad coverage of audit control points and security event records. Provides an audit trail by producing overview and detailed reports about systems and users.
Generates customizable reports when specific events occur or when there is a security breach to help quickly locate problems.
Uses data analytics to detect system changes to help minimize security risks. Identifies changes in members of partitioned data sets and indicates whether a member was added, deleted, or changed.
Allows you to access live security data on mainframes running external security managers (ESM) IBM RACF, CA ACF2 or CA Top Secret, delivering up-to-the-minute audit accuracy.
- Automated detection of security exposure or misconfigurations
- Customizable reports
- Modernize with IBM Cloud Pak for Security (Unified Console)
- Event collection from multiple event-collection providers
- Integration with SIEMs including QRadar
- Extensive coverage of SMF records
Automatically generated reports in standard or customized format help you to quickly locate problems, providing vulnerability analysis of your mainframe, drive discretionary access control, and reduce errors.
Automated compliance framework testing and enhanced reporting capabilities help you quickly locate vulnerabilities and compliance issues in strict environments such as for Payment Card Industry Data Security Standard (PCI DSS), Security Technical Implementation Guide (STIG) and other similar standards.
zSecure Audit can email reports daily when specific events occur or when there is a security breach. Extensive reporting capabilities allow you multiple customizable capabilities.
You can access audit events and user access logs generated by IBM security management tools populated within Security Information and Event Management (SIEM) tools including IBM QRadar for normalization and compliance reporting, harmonizing the collection infrastructure among the product lines.
With IBM zSecure Audit and/or IBM zSecure Alert you can send events into common security event repositories such as SIEM, QRadar and exploit the power of IBM Cloud Pak for Security (CP4S) in your Z environment. What is CP4S? CP4S brings data and workflows into one platform to help security teams: (1) Gain enterprise-wide security insights through a unified console for IBM and 3rd party security tools. CP4S ingests the security events as they come in through common security event repositories such as QRadar. (2) Act faster with AI and automation, simplified operations and streamlined response. And (3) through modernized architecture, access the console anywhere with an open, multicloud platform.
zSecure Audit offers extensive coverage of System Management Facilities (SMF) records and pre-defined event reports enabling you to report on user behavior and identify users who circumvent system security. The CARLa Auditing and Reporting Language (CARLa) used in zSecure Audit enables you to modify the displays and reports using SMF and other data sources.