zDetect is a SIEM-compatible z/OS mainframe security monitoring tool that detects actual and potential security-related issues. It monitors and records activity, and uses advanced security algorithms to apply intelligent analysis that detects suspicious events that can pose a threat to an organization's security posture.
Business Objective
In a complex world and faced with an ever-changing threat landscape, organizations everywhere are looking to improve security management on the mainframe. Organizations worldwide want to better understand mainframe threats and vulnerabilities to:
Protect the organization, systems and confidential data more effectively
Identify security threats as soon as they occur
Reduce the risk of security breaches occurring in the first place
However, most mainframe security monitors simply collect security data and send it to a SIEM. Collecting data is the easy part: the real value lies in transforming that data into usable insight.
In response, RSM Partners security consultants have developed zDetect software using knowledge and experience gained working for leading organizations on mainframe security management.
RSM Partners Solution
zDetect is a powerful z/OS mainframe security monitoring tool that detects actual and potential security issues in real time. Unlike other security monitors, it doesn't just collect security-related information to send to a SIEM: zDetect monitors, records and uses sophisticated internal security algorithms to apply intelligent analysis to detect suspicious events.
Events captured by zDetect can be sent to a SIEM or visualized through its easy-to-use yet comprehensive dashboard interface, running in a standard web browser.
Real-time threat detection
Intelligent security analysis
Drill-down capability to provide detailed threat analysis
Dashboard displaying relevant security information
Interfaces to SIEMs
Complements the IBM zSecure security suite
Identifies RACF threats and vulnerabilities including:
Poorly defined user controls
Poorly defined resource controls
Privilege elevation
Continual login failures
Identifies RACF weaknesses including:
Missing or weakly defined classes
Poorly defined sensitive resource controls
Identifies z/OS threats and vulnerabilities to:
Sensitive resources
Sensitive commands
System console
Identifies whether known z/OS system vulnerabilities are exploitable
Identifies z/OS subsystem threats and vulnerabilities
Detailed reporting capabilities
Want to find out more?
To discover how RSM Partners zDetect can help your business, email our team and request our latest technology discussion paper.