Compuware and CorreLog Give Enterprise Security and Compliance Teams Vital Application-Level Mainframe Insight
Integration Empowers Customers to Better Detect Behavioral Anomalies and More Cost-Efficiently Fulfill Auditing/Reporting Mandates
Large enterprises have historically lacked deep mainframe application insight and/or have had that insight trapped in siloed monitoring applications that are not integrated into their broader SIEM implementations.
This inadequately integrated mainframe insight is highly problematic given the risks associated with internal breaches, growing use of third-party developers, and increasingly sophisticated external threats.
Compuware and CorreLog together offer a highly effective means of capturing deep application-level mainframe insight and incorporating that insight into cross-platform alerting/reporting environments.
By taking advantage of this integration, enterprises can significantly reduce both their security- and compliance-related risks, while also driving down their cost of IT operations.
DETROIT—April 1, 2016—Compuware® and CorreLog® are collaboratively addressing the growing need of mainframe owners to both 1) obtain deep application-level insight into user activity and behaviors in their z/OS mainframe environments and 2) integrate that mainframe-specific insight into their broader, cross-platform Security Information and Event Management (SIEM).
Compuware and CorreLog are delivering these much-needed capabilities by integrating Compuware’s Hiperstation Application Auditing solution with CorreLog SIEM Agent for z/OS. By taking advantage of this integration, mainframe owners can capture critical data about which users are accessing specific applications and data, when the access occurred, how often access occurs, how that access diverges from other similar users, etc. This data can then be incorporated into enterprise SIEM solutions in order to provide cyber-security teams with a single window into all relevant user activity data and alerts across all platforms.
Rich application-level mainframe insight integrated into cross-platform enterprise SIEM is increasingly important for several reasons:
- The growing need to closely audit internal access. Executives and auditors alike are increasingly sensitive to the risks posed by privileged accounts. This makes it especially important to track how mainframe and non-mainframe developers (including third-party contractors), sysadmins, DBAs, and the like interact with z/OS applications and data—including core COBOL systems.
- The rapid rise of “low and slow” security breaches. Cyber-criminals increasingly engage in subtle infiltrations that avoid conventional network-based detection methods, followed by similarly subtle long-term exfiltrations of valuable data. To combat these sophisticated tactics, enterprise InfoSec teams need to apply more sophisticated analytics to more complete cross-platform application activity data.
- The economic value of minimizing compliance “friction.” The growing demands of internal and external auditors for comprehensive, credible reporting on data access are placing a non-trivial drain on IT’s limited staff resources. Streamlined, rules-based unification of SIEM data sources reduces the cost of this reporting—freeing up resources, while improving timeliness and ensuring accuracy.
In addition to enhancing enterprise SIEM implementation with rich, timely insight into mainframe application activity, the Hiperstation/CorreLog integration will also allow InfoSec and compliance staff to actually replay any user application sessions that they believe require further investigation.
“The mainframe remains the repository of the digital ‘crown jewels’ at most global enterprises,” said Compuware CEO Chris O’Malley. “By making mainframe-related SIEM insight more readily available to less mainframe-centric infosec teams, Compuware and CorreLog are uniquely empowering our enterprise customers to better protect these crown jewels against both internal and external threats—and to better comply with data governance mandates while consuming far less of their precious IT staff resources.”
“Compuware’s Hiperstation generates mainframe security and compliance data of profound interest to enterprise security, compliance, risk, and governance teams—who unfortunately often fail to adequately exploit it because it’s stuck outside their SIEM environment,” said CorreLog CEO George Faucher. “Our partnership puts this rich insight at the fingertips of enterprise guardians so their visibility can extend unhindered across platforms, programing languages, and database architectures.”
Compuware Hiperstation is a passive monitoring solution that captures all mainframe VTAM activity by user ID and IP address. It maintains a record of specified application interactions and sensitive data accessed during every monitored session. Hiperstation passes this insight to CorreLog SIEM Agent for z/OS in the form of SMF records, which CorreLog can then use in its own alerting and dashboard applications—or, in real time, pass along to leading SIEM solutions such as HP ArcSight, IBM QRadar, Splunk, and Dell SecureWorks.
CorreLog is the leading independent software vendor (ISV) for cross-platform IT security log management and correlation. Our solutions provide the best-in-class, real-time event log management across both distributed (Windows/UNIX/Linux) and mainframe platforms (IBM z/OS). Event Log data from CorreLog Agents is ready-format for any name-brand enterprise SIEM system. For more information, visit www.correlog.com.
Compuware empowers the world’s largest companies to excel in the digital economy by fully leveraging their high-value mainframe investments. We do this by delivering highly innovative solutions that uniquely enable IT professionals with mainstream skills to manage mainframe applications, data, and platform operations. Learn more at compuware.com.
Press Contact for CorreLog
Tony Perri, CorreLog Marketing & PR, firstname.lastname@example.org, (239) 514-3331, ext. 406
Press Contacts for Compuware
Kristina LeBlanc, The Medialink Group, email@example.com, (508) 930-5636
Mary McCarthy, Public Relations Manager, Compuware, firstname.lastname@example.org, (313) 227-8188
For Sales and Marketing Information
Compuware Corporation, One Campus Martius, Detroit MI 48226, 800-521-9353, www.compuware.com.
Copyright © 2016, CorreLog, Inc. All rights reserved. All trademarks and registered trademarks used herein are the properties of their respective owners.
Copyright © 2016, Compuware Corporation. All rights reserved. The Compuware products and services listed within this release are trademarks or registered trademarks of Compuware Corporation.