icon_CloudMgmt icon_DollarSign icon_Globe icon_ITAuto icon_ITOps icon_ITSMgmt icon_Mainframe icon_MyIT icon_Ribbon icon_Star icon_User icon_Users icon_VideoPlay icon_Workload icon_caution icon_close s-chevronLeft s-chevronRight s-chevronThinRight s-chevronThinRight s-chevronThinLeft s-chevronThinLeft s-trophy s-chevronDown

BMC Hardens Mainframe Security with New Capabilities to Protect Against Malicious Insider Threats

Additional offerings help organizations automate, orchestrate, and manage workflows with ease and agility

HOUSTON – July 7, 2021  BMC, a global leader in software solutions for the Autonomous Digital Enterprise, announced several new innovations and integrations within the BMC Automated Mainframe Intelligence (BMC AMI) and BMC Compuware portfolios designed to improve threat detection and response and expand access to mainstream DevOps tools to modernize mainframe applications and increase developer productivity.

These updates enable users to:

  • Uncover weaknesses and malicious activity before a compromise occurs with automated detection and response to suspicious or unusual, privileged user activity.
  • Accelerate development team output with new integrations that simplify continuous integration (CI) and continuous delivery (CD) pipelines, as well as orchestrate automated deployments across multiple platforms.
  • Increase mainframe performance and resilience with a solution that diagnoses potential Java Virtual Machine (JVM) performance issues, a valued capability given the increase in Java applications running on mainframes.
  • Improve the mainframe developer and systems programmer experience with a contribution to the Open Mainframe Project's Zowe framework.

Protect Access to Privileged Accounts

The fastest route to mainframe data is through privileged accounts, as well as supervisor and credentialed-call activities. These accounts can be compromised by external attackers or malicious internal users who can issue call activities that allow them to access and steal valuable data. Even worse, once compromised, they are an effective way for attackers to deploy ransomware, avoid detection, and increase their dwell time.

The new and expanded supervisor call screener and Unix® System Service (USS) data enrichment for the BMC AMI Security solution surfaces calls that might indicate malicious activities and quickly shows user actions with superuser privileges. This solution provides all BMC AMI Security customers with an added level of security protection against compromised privileged user accounts to stop and prevent threat campaigns, insider theft, or unseen privilege levels that may lead to future attacks.

According to Forrester¹, "Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It's difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are people and, therefore, entitled to privacy and due process, security pros must handle these incidents with greater care than external threats."

Increase Developer Agility and Enable Faster Application Updates

BMC continues to expand access to mainstream DevOps-enabled tools to empower mainframe developers across all experience levels to deliver modern mainframe applications.

According to the 2021 BMC-commissioned Forrester Consulting study, "Modernizing Mainframe Development Tools Can Help Drive Greater ROI," over three quarters of developers indicated the mainframe is of utmost importance to their organization. However, 8 out of 10 stated their mainframe development tools need significant improvement to provide more value. The study concluded that teams with modern tools are further along in their efforts to create modern mainframe applications and have fewer issues with skills gaps and top talent acquisition.

The BMC Compuware ISPW solution now integrates with GitHub Actions and HCL Launch to further automate the mainframe application development and deployment process, reducing cost and complexity.

GitHub Actions and HCL Launch extend the existing built-in CI/CD integrations in the BMC Compuware ISPW solution, which include Jenkins, Git, GitLab, GitHub, VS Code, and REST APIs. With GitHub Actions, users can reduce errors and improve application quality by setting up CI/CD pipelines with automated workflows.

HCL Launch enables developers to orchestrate automated deployments across multiple environments with a single click. HCL Launch also broadens the existing CD integrations from BMC with Digital.ai Release and CloudBees Flow to make deployments faster and easier.

Customers can now also use an HCL Launch plug-in for the BMC AMI DevOps for Db2 solution to automatically capture and propagate database changes across Db2® environments, in addition to Jenkins and IBM® UrbanCode® Deploy.

Quickly Identify Java Performance Issues

The BMC AMI Ops Monitor for Java Environments solution automatically discovers all JVMs across z/OS®. It enables users to find and fix problems quickly by identifying performance issues caused by JVMs and understanding their impact on other workloads. New, extended capabilities ensure higher availability and better response time by enabling the mainframe to take diagnostic actions and see information about the APIs and services used by JVMs.

BMC Joins The Open Mainframe Project's Zowe

The new Workflow WiZard tool from BMC has been accepted as part of the Open Mainframe Project's Zowe, an integrated and extensible open source framework for z/OS. Workflow WiZard makes the job of developers and systems programmers easier by streamlining the installation, configuration, and maintenance of IBM and ISV z/OS software products. This contribution emphasizes the company's commitment to the Open Mainframe Project and provides an opportunity to collaborate with the mainframe community and increase innovation on the z/OS platform.   

"Clients rely on BMC to support their mainframe transformation. We prevent insider threats to the mainframe, increase software delivery, quality, velocity, and efficiency, and strengthen operational resilience," said John McKenny, Senior Vice President and General Manager, Intelligent Z Optimization and Transformation at BMC. "With new and expanded capabilities for our BMC AMI and BMC Compuware solutions, they can continue to turn the mainframe into a hub of innovation for every Autonomous Digital Enterprise."

¹"Best Practices: Mitigating Insider Threat", Forrester, March 18, 2021

Additional Resources

About BMC
From core to cloud to edge, BMC delivers the software and services that enable over 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise.

BMC, BMC Software, the BMC logo, and other BMC marks are the exclusive properties of BMC Software, Inc. and are registered or may be registered with the U.S. Patent and Trademark Office or in other countries.

IBM, Db2, UrbanCode, and z/OS are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.

UNIX® is the registered trademark of The Open Group in the US and other countries.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

©Copyright 2021 BMC Software, Inc. 

BMC—Run and Reinvent 

Editorial contact: 
Ana Gabriel