Automated detection and response for the mainframe

BMC AMI Security continuously defends and hardens the mainframe against insider threats, social-engineering attacks, credential theft, and zero-day vulnerabilities.

BMC has introduced new capabilities for the BMC AMI Security solution to automatically protect, detect, and respond to threats on the mainframe. BMC AMI Security shares mainframe security events with enterprise security information and event management (SIEM) systems in real time, providing actionable insights for incident responders.

Autonomous Digital Enterprises today amass and use data from across the enterprise, including the mainframe, for optimal operations and a transcendent customer experience. The mainframe is very securable, but zero-day threats, configuration weaknesses, and modern threats like ransomware present risks to the sensitive data that live on mainframes.

Securing the mainframe requires skills that are in short supply, so BMC AMI Security comes with years of experience with intelligence and automated security processes built in to defend mainframes and surface findings that are actionable for incident responders, making both security and operations teams more efficient.

With the BMC AMI Security solution, organisations can:

· Automatically halt suspicious and known malicious actions: Automated protection, detection, and response to mainframe security events stops threats before systems are compromised, provides visibility into attack methods, and reduces mean time to repair (MTTR). Behavioural analytics operate in real time and trigger alerts for Indicators of Compromise (IOCs) on the mainframe.

· Close the window of opportunity for attackers to go undetected: Integrations with leading SIEMs give security teams visibility of actions occurring on the mainframe in real time, with a timeline of actions to quickly investigate threat events.

· Secure critical data, uncover risks, and continuously harden the mainframe: One of the largest sets of IOCs based on attack behaviours is provided out of the box for faster investigations. Security practitioners can see all actions occurring on the mainframe to continuously monitor databases for suspicious activity.

· Adhere to compliance demands with alerts, audits, and real-time visibility: Out-of-the-box reports, real-time alerts, and audit trails for production systems seamlessly work with all major SIEMs to help achieve key HIPAA, PCI DSS, and GDPR compliance mandates in minutes.

· Simplify administration and operations: Automated password management improves the efficiency of users and the service desk. A graphical user interface simplifies basic management tasks, and auditable emergency access allows faster performance of essential services.

Enterprises are realising the value of moving from Endpoint Detection and Response (EDR) to Extended Detection and Response (XDR) tools. Data correlation and centralisation, in particular, help to surface data relevant to detection.

“Centralisation and normalisation of data also helps improve detection by combining softer signals from more components to detect events that might otherwise be ignored,” according to Gartner.*

“As an enterprise system storing some of an organisation’s most sensitive data, the mainframe is a target for attackers. If not properly secured, the mainframe can be compromised in minutes,” said John McKenny, Senior Vice President of ZSolutions Strategy and Innovation at BMC. “BMC AMI Security is the virtual, always-on security expert for the mainframe that enterprises need. Its ability to adapt to threats and help enterprises include the mainframe into their XDR strategy solves a potentially large gap in protecting sensitive data within every Autonomous Digital Enterprise.”
