icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

Let us know how we can help

Sales & Pricing

Speak to a rep about your business needs

Contact Sales

Help & Support

See our product support options

Contact Support

General inquiries and locations

Contact Us

Mainframe Security Services

Managed services to protect mainframes from cyberattacks and vulnerabilities

Connect with an expert
White paper:

Protect Your Mainframe From Accidental & Malicious Events

Download now ›
Datasheet:

Mainframe SWIFT Assessment Service

Download now ›
Analyst research:

Mainframes and Security: Current Trends, Key Capabilities

Download report ›

How strong are your mainframe security controls? Would you know if a threat event happened? Take the guesswork out of mainframe security with expert assessments and penetration tests.

Harden your mainframe against attacks with our Security Assessment service

  • We go beyond simple checklists that leave gaps in your defenses by reviewing all essential security controls.
  • Our experts use a proven methodology to surface findings an audit may not surface.

Keep it safe with penetration tests

  • Uncover new, unaddressed vulnerabilities in your infrastructure, software, and configurations
  • Our experts take a “think like an attacker” approach to identify and map the exploits that could be used to compromise your systems and allow breaches to occur
FAQ: What is a Pentest vs. a Security Assessment?
  • Security Engagements with BMC Mainframe Services (2:00)
    Security Engagements with BMC Mainframe Services (2:00)

Learn how we deliver our security services

How are security assessments performed?

Security Assessments

Following initial technical and scoping exercises:

  • Security configuration and controls defined in the External Security Manager (ESM) are examined for each database
  • Policies and procedures for formal and informal controls are evaluated for weaknesses
  • Poor or weak controls and protections for sensitive data, libraries, and user privileges are captured
  • A detailed report with summary, results, descriptions of vulnerabilities and a remediation project plan are delivered upon completion and reviewed with your team
 
Datasheet:

How are penetration tests performed?

Penetration Tests

After initial data collection of datasets, hardware configuration, and security information from RACF, ACF2 and TSS, our experts will:

  • Examine your mainframe environment using the following checks: Library access, password, public dataset, public resource, user SVC, MVS and JES2/JES3 command authority, RACF/TSS/ACF2 exit, JES2/JES3 spool dataset, MVS subsystem (IMS, Db2, CICS, NETView, etc.), MVS UNIX environment, and other miscellaneous checks
  • Perform vulnerability scanning to identify system integrity issues in code, OS, routines, Authorized Program Function Calls and more
  • Share a report and review of the findings, a remediation checklist, and a demonstration of discovered exploits
 
Datasheet:
Additional resources
The Top Mainframe Security Threats of 2020
The Top Mainframe Security Threats of 2020 (1:00:23)
Mainframe threats
Mainframe Threats
Security Engagements with BMC Mainframe Services (2:00)
Security Engagements with BMC Mainframe Services (2:00)

Getting started with Mainframe Security Services is easy

Connect with an expert