Recent headlines prove that any business can be hacked. To minimize the risk of a system breach, it’s imperative to find security issues immediately and not days or even hours later.
Although mainframes produce enormous amounts of event information about what’s happening, such as the event log, audit log and syslog, you do need a way to quickly and easily separate critical security incidents from business-as-usual events – and send them in the right format to your enterprise SIEM.
VitalSigns SIEM Agent for z/OS (VSA) forwards filtered mainframe security logs and messages from your security systems such as RACF, ACF2, Top Secret, DB2, CICS, IMS and FTP in the proper format to Security Information and Event Management (SIEM) systems such as Splunk®, LogRhythm NextGen SIEM, IBM® QRadar®, AlienVault, ArcSight, and others. In today’s world, mainframe teams must comply with strict audit policies, but may not have the time or the resources to filter and format the right data and send it to the enterprise SIEM.
Let VSA help. VSA brings the mainframe into the centre of your enterprise security infrastructure – in real time. Advanced, granular filters quickly and easily separate critical incidents from everyday events so they can be tracked from all corners of the business.