SDS IronSphere for z/OS

Automated DISA STIG compliance monitoring for z/OS.

Real-time, continuous mainframe security monitoring and auditing.

Product Details 1 Minute Overview Short Videos Webinar Datasheet All Resources

Real-Time z/OS Risk Awareness

This continuous monitoring solution can further strengthen even the most secure mainframe. SDS IronSphere for z/OS also provides assistance for, while complying with, standards that U.S. Federal Government agencies are required to follow. Automatic z/OS STIG compliance monitoring is a major highlight, but IronSphere offers many more security compliance features for the mainframe.

IronSphere for z/OS follows Frameworks and Guidelines

This tool was created by mainframe penetration testers and compliance-minded, security experts. Due to their experience in the field, IronSphere for z/OS follows the guidelines that play integral roles in the framework of security compliance mandates and are required to be followed within certain sectors.

IronSphere provides Mainframe Compliance Assistance by:

Adhering to NIST ISCM (Information Security Continuous Monitoring) Guidelines
Following NIST CSF (Cybersecurity Framework)
Following RMF (Risk Management Framework)
Automatically running security diagnostic scans based on DISA (Defense Information Systems Agency) STIGs (Security Technical Implementation Guides) – Compliance to DISA STIGs is a DoD requirement

This tool also assists in complying with many additional standards (GDPR, FISMA, etc.) by following above frameworks.

How will IronSphere help your Organization?

This solution automatically and continuously identifies system risks, then delivers easy-to-follow remediation steps as part of the assessment results. In addition, results are kept within the tool, proving to compliance auditors that you’ve been continuously monitoring your z/OS system and adhering to ISCM and RMF protocols.

This mainframe solution offers a new level of system visibility by displaying z/OS scan results and system vulnerabilities in a GUI with a “40,000 foot view” for specialized experts within the Security and GRC Teams, Upper-Level Managers, and the z/OS Mainframe Team. The display also contains more details to satisfy and guide z/OS team members charged with implementing the fixes detailed in the guides.

Automate z/OS STIG compliance and add security with IronSphere.

Request Demo/Trial

IronSphere for z/OS – Key Benefits

Simplify z/OS Security Compliance by Automating STIGs

Stronger, Standards-based Mainframe Security
Automate Tedious z/OS STIG Process
More Manageable Compliance Mandates
Find & Display Security Vulnerabilities
Simple Risk Remediation Steps Provided
Help for Auditors; Painless Future Audits

Additional Checks and Flexibility

Many z/OS components lacking DISA STIGs already have their own checks created on the IronSphere system and can be made available to users. If you need another set of checks, simply request it and it’ll be configured ASAP.

Also, some organizations may require even more flexibility. New checks can be created by your team, tailored to fit your needs, and implemented within the product. With these new checks and the power of IronSphere, you have the ability to setup acceptable limits and standards for your mainframe components not covered by a DISA STIG.

Just like any typical component with a DISA STIG on IronSphere, security vulnerabilities and remediation steps are provided after running these checks is complete.

Compliance

This z/OS security tool will reduce workload required to comply with government regulatory standards as compliance was major focus during development. IronSphere can help become compliant with NIST ISCM, FISMA, GDPR, and others; it uses DISA STIGs and can facilitate Risk Management Framework implementation on the mainframe.

GUI Display

Mainframe expertise is not required to view and understand the system’s risks and the course of action that must be followed to resolve them! The GUI provides an opportunity for those outside of the mainframe world to have visibility into this critical system and its vulnerabilities.

Security

IronSphere has the ability to provide additional mainframe security on top of your already hardened system! It does this by identifying vulnerabilities and system issues through continuous monitoring. Following standards and all best practices will result in achieving an unthinkable level of z/OS security and smooth audits.

Features

An ISCM, RMF-based tool that continuously monitors the mainframe on an optimal schedule
Real-time z/OS monitoring helps protect data, achieve top-level security, comply with standards
Helps pass security compliance protocols for z/OS: NIST ISCM, DISA, FISMA, GDPR, & more
GRC for z/OS solution; ideal for many industries: government, financial, insurance
Doesn’t require z/OS expertise to interpret results in GUI; additional fix information for z/OS Team
Provides a single point of reporting for mainframe system health and risks to the system
Saves resources via automatic delivery of DISA STIGs for required system software updates
Lowers overhead and lessens reliance on scarce, experienced mainframe experts; better use of experts
Lean agent gathers data on mainframe efficiently, leaves no trace behind
Flexible solution: define user roles, create your own system checks/STIGs, and can configure other settings
Runs on many mainframe operating systems: z/OS, Linux on IBM Z, z/VSE, z/VM, z/TPF, AS/400
Enhanced security, advanced breach avoidance, compliance for large organizations
Helps smaller z/OS shops with best practices, heightened security, lower costs through automatic process

Datasheet

Download

Resources

View

IronSphere: z/OS STIG Compliance Automation and Mainframe Security

1 Minute Overview

Key Benefits:

Even Stronger Mainframe Security
Automate z/OS STIG Compliance Work
More Manageable Compliance Mandates
Find & Display Security Vulnerabilities
Help for Auditors; Painless Future Audits

IronSphere Automatically and Continuously:

Runs Security Diagnostic Checks on Mainframe
Complies with ISCM, RMF, DISA STIGs for z/OS
Provides Simple Steps to Remediate Issues
Updates Your Security Risks & Fix Status on GUI
Updates Audit Log with Scan Results

Key Differentiators vs. Competing Solutions:

Run Scans on Regular Schedule
No Work on Your End to Run Scans
Receive Real-Time Remediation Guidance
GUI Display Provides Added Visibility

If your browser failed to open the IronSphere Webinar page, please click here.

If your browser failed to open the IronSphere Datasheet (opens in a new tab usually), please click here.

If your browser failed to open the IronSphere Resources page, please click here.

Product Webinar

Exploring DISA STIGs for z/OS and Automating the Process

Thank you for those that joined us for this 30-minute webinar. If you weren’t able to attend, you can watch it now.

The agenda of this webinar includes a presentation by Stu Henderson regarding STIGs for z/OS as well as a demo of IronSphere for z/OS, a tool that automates most of the tedious STIG compliance process.

Webinar Details

z/OS Security & Compliance Software

Check out the latest SDS mainframe security software solutions. These popular products also offer relevant and significant compliance assistance on z/OS.

z/OS Security & Compliance

Free Demo/Trial

We offer individualized product demonstrations by request. Your organization can also try SDS Software on your system for 30 days, free of charge.

Request a Free Demo or Trial