SDS IronSphere for z/OS

Automated DISA STIG compliance for z/OS. Here’s a DISA STIG Introduction if needed.

Real-time, continuous mainframe security monitoring and auditing.

Product Details 1 Minute Overview Short Videos Webinar Datasheet All Resources

Real-Time z/OS Risk Awareness

This continuous monitoring solution can further strengthen even the most secure mainframe. SDS IronSphere for z/OS also provides assistance for, while complying with, standards that U.S. Federal Government agencies are required to follow. Automatic z/OS STIG compliance monitoring is a major highlight, but IronSphere offers many more security compliance features for the mainframe.

IronSphere for z/OS follows Frameworks and Guidelines

This tool was created by mainframe penetration testers and compliance-minded, security experts. Due to their experience in the field, IronSphere for z/OS follows the guidelines that play integral roles in the framework of security compliance mandates and are required to be followed within certain sectors.

IronSphere provides Mainframe Compliance Assistance by:

Adhering to NIST ISCM (Information Security Continuous Monitoring) Guidelines
Following NIST CSF (Cybersecurity Framework)
Following RMF (Risk Management Framework)
Automatically running security diagnostic scans based on DISA (Defense Information Systems Agency) STIGs (Security Technical Implementation Guides) – Compliance to DISA STIGs is a DoD requirement

This tool also assists in complying with many additional standards (GDPR, FISMA, etc.) by following above frameworks.

How will IronSphere help your Organization?

This solution automatically and continuously identifies system risks, then delivers easy-to-follow remediation steps as part of the assessment results. In addition, results are kept within the tool, proving to compliance auditors that you’ve been continuously monitoring your z/OS system and adhering to ISCM and RMF protocols.

This mainframe solution offers a new level of system visibility by displaying z/OS scan results and system vulnerabilities in a GUI with a “40,000 foot view” for specialized experts within the Security and GRC Teams, Upper-Level Managers, and the z/OS Mainframe Team. The display also contains more details to satisfy and guide z/OS team members charged with implementing the fixes detailed in the guides.

Automate z/OS STIG compliance and add security with IronSphere.

Request Demo/Trial

Simplify z/OS Security Compliance by Automating STIGs

IronSphere – Key Benefits:

Stronger, Standards-based Mainframe Security
Automate Tedious z/OS STIG Process
More Manageable Compliance Mandates
Find & Display Security Vulnerabilities
Simple Risk Remediation Steps Provided
Help for Auditors; Painless Future Audits

Additional STIGs and Flexibility

Many z/OS components lacking DISA STIGs already have STIGs within the IronSphere server and are available to users. If you need another STIG, simply request it and it will be in your inbox ASAP. Starting with your next scan, this STIG will be included in your diagnostics routine! Just like every other application or component, security vulnerabilities and remediation steps are provided.

Also, some organizations may require even more flexibility; IronSphere’s STIG-based scans can be customized to fit your needs. With IronSphere, you have the ability to setup acceptable limits and data points (based on your organization’s standards) for your mainframe components, variables, data, users, libraries, etc.

Compliance

This z/OS security tool will reduce workload required to comply with government regulatory standards as compliance was major focus during development. IronSphere can help become compliant with NIST ISCM, FISMA, GDPR, and others; it uses DISA STIGs and can facilitate Risk Management Framework implementation on the mainframe.

GUI Display

Mainframe expertise is not required to view and understand the system’s risks and the course of action that must be followed to resolve them! The GUI provides an opportunity for those outside of the mainframe world to have visibility into this critical system and its vulnerabilities.

Security

IronSphere has the ability to provide additional mainframe security on top of your already hardened system! It does this by identifying vulnerabilities and system issues through continuous monitoring. Following standards and all best practices will result in achieving an unthinkable level of z/OS security and smooth audits.

Features

An ISCM, RMF-based tool that continuously monitors the mainframe on an optimal schedule
Real-time z/OS monitoring helps protect data, achieve top-level security, comply with standards
Helps pass security compliance protocols for z/OS: NIST ISCM, DISA, FISMA, GDPR, & more
GRC for z/OS solution; ideal for many industries: government, financial, insurance
Doesn’t require z/OS expertise to interpret results in GUI; additional fix information for z/OS Team
Provides a single point of reporting for mainframe system health and risks to the system
Saves resources via automatic delivery of DISA STIGs for required system software updates
Lowers overhead and lessens reliance on scarce, experienced mainframe experts; better use of experts
Lean agent gathers data on mainframe efficiently, leaves no trace behind
Flexible solution: define user roles, create your own system checks/STIGs, and can configure other settings
Runs on many mainframe operating systems: z/OS, Linux on IBM Z, z/VSE, z/VM, z/TPF, AS/400
Enhanced security, advanced breach avoidance, compliance for large organizations
Helps smaller z/OS shops with best practices, heightened security, lower costs through automatic process

Datasheet

Download

Resources

View

IronSphere: z/OS STIG Compliance Automation and Mainframe Security

1 Minute Overview

Key Benefits:

Even Stronger Mainframe Security
Automate z/OS STIG Compliance Work
More Manageable Compliance Mandates
Find & Display Security Vulnerabilities
Help for Auditors; Painless Future Audits

IronSphere Automatically and Continuously:

Runs Security Diagnostic Checks on Mainframe
Complies with ISCM, RMF, DISA STIGs for z/OS
Provides Simple Steps to Remediate Issues
Updates Your Security Risks & Fix Status on GUI
Updates Audit Log with Scan Results

z/OS STIG Compliance

How to Think about STIGs and Automating the Tedious Process

SDS IronSphere for z/OS webinar – April 23, 2019

IronSphere Demo

(4 minutes)

Question & Answer Session

(4 minutes)

Automating z/OS STIG Compliance with Real-time, Continuous Security Monitoring and Simplified Audits

SDS IronSphere for z/OS webinar – October 17, 2018

Stu Henderson’s Introduction and History of Auditors and Mainframe Security Standards

(10 minutes)

Stu Henderson Explains what Auditors Know about Security Standards

(6 minutes)

Stu Henderson’s Summary stresses the Need to Automate the Validation of your z/OS Security Standards

(2 minutes)

IronSphere for z/OS can Stop Hackers by Identifying Mainframe Security Vulnerabilities Continuously

(8 minutes)

Features and Highlights of this Mainframe STIG Automation Tool

(11 minutes)

IronSphere Q&A Session with two Mainframe Security Experts

(7 minutes)

If your browser failed to open the IronSphere Webinar page, please click here.

If your browser failed to open the IronSphere Datasheet (opens in a new tab usually), please click here.

If your browser failed to open the IronSphere Resources page, please click here.

Product Webinar

z/OS STIG Compliance:

How to Think about STIGs and Automating the Tedious STIG Process

Thanks to everyone who attended our z/OS STIG compliance webinar on Tuesday, April 23, 2019.

Webinar Details

SDS Security Software

Check out the latest SDS mainframe security software solutions. Our most popular mainframe security products in 2019 offer:

SDS Mainframe Security

Free Demo/Trial

We offer individualized product demonstrations by request. Your organization can also try SDS Software on your system for 30 days, free of charge.

Request a Free Demo or Trial