IBM Security zSecure CICS Toolkit
Adds security authorization management and administration capabilities to your CICS mainframe environment
backgrounds with blue dots
Security Control and Administration for the CICS Mainframe

zSecure CICS Toolkit improves CICS mainframe transaction processing:

  1. The IBM Customer Information Control System (CICS) is an online transaction processing program (OLTP) that, when used with COBOL programming language, can help in building application programing interfaces (APIs).
  2. Using the APIs provided by CICS, you can write programs that communicate with online users, customer, and other records in a data set using CICS facilities.

The zSecure CICS Toolkit enables CICS applications to use RACF to set access policies in the database.The API facilitates access authorization management checks on more than 2,000 resources, enabling you to easily integrate IBM system security and improve the application’s performance.

The interface and advanced API show only those functions and options that you delegate to your users, extending selected, basic administrative privileges to field administrators while still maintaining control over the types of commands distributed users can execute.

X-Force Threat Intelligence Index 2024

Data theft and leaks accounted for 32% of the impacts of cyberattacks in 2023. Check out the new report to learn how to best safeguard your people and data.

Benefits Help boost application programmer productivity

Application programmers do not need to know the IBM RACF database to create a customized authorization management application

Execute select Z System security functions

If an application on your Web server communicates with CICS on your mainframe, CICS can use its advanced API capabilities to execute select RACF security functions.

Customizable screens

Using the API, you can customize screens to meet requirements of a specific installation and control the information displayed to decentralized administrators.

Features Resource access checks

The Application Programming Interface (API) facilitates access checks on more than 2,000 resources, enabling you to easily replace an application’s internal security with IBM® Resource Access Control Facility (RACF®) security and helping to significantly improve the application’s performance with a high-performance zSecure™ application interface. zSecure™ CICS Toolkit can also implement third party resource checks across most resource classes.

Read the documentation
Separation of duties

zSecure CICS Toolkit reduces the burden of maintenance programming and administration from CICS application developers, helping free them to focus on improving functionality. CICS Toolkit enables your CICS application to use RACF to set access policies which will be retrieved directly from the RACF database, helping separate duties so application support staff members are not authorized to manage authorities and privileges in applications.

Customizable screens

Use the API to easily customize zSecure CICS Toolkit screens to meet requirements of a specific installation and control the amount and type of information displayed to decentralized administrators. You can also customize the RACF commands that zSecure CICS Toolkit supports. The API even allows an authorized application to verify the password of another user. The screens will only show your local administrators the options and fields you have selected.

Sophisticated API capabilities

The advanced API capabilities in zSecure CICS Toolkit can execute select RACF security functions if you have an application on your Web server that communicates with CICS on your mainframe. Functions include verifying a user ID and password entered on the Web interface against the RACF database or using the security functions in RACF to control your Web server and Web applications.

Read the documentation
Easy-to-use menu

Local administrators can quickly issue commands through a menu for functions like password resets and user additions. The zSecure CICS Toolkit menu enables users to stay within the CICS application to issue security commands to the mainframe. Application programmers do not need to know the RACF database or its layout to create a customized RACF security management application, delivering improved time to value.

Scalability for big data systems

V2.2.1 allows storage above the 2 GB boundary ("the bar") to enable processing of more data. Note that the ability to use more virtual memory can have implications for paging and real storage needs. This also frees up storage below the bar for other programs. With models z196 or higher, 64-bit addressing is activated automatically, though reverting back to 31-bit addressing is optional. You can select the program to run on the second panel of menu option SE.0 (SETUP RUN).

Read the documentation
I recently said to my manager, if you have to cut down costs, you can take away any tool from me, but please leave me zSecure Suite. Marcel Schmidt Assistant Vice President, z/OS Expert Mainframe Engineering Swiss Re
Expert resources to help you succeed
Product documentation

Find answers quickly in IBM product documentation.


Get technical tips and insights from others who use IBM Security zSecure CICS Toolkit.


Learn more about product support options.