SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

BMC Ups Mainframe Security Against Malicious Insider Threats

July 8, 2021

BMC enhanced their Automated Mainframe Intelligence portfolio which is designed to improve threat detection and response and expand access to mainstream DevOps tools to modernize mainframe applications and increase developer productivity.

These updates enable users to:

Uncover weaknesses and malicious activity before a compromise occurs with automated detection and response to suspicious or unusual, privileged user activity.

Accelerate development team output with new integrations that simplify continuous integration (CI) and continuous delivery (CD) pipelines, as well as orchestrate automated deployments across multiple platforms.

Increase mainframe performance and resilience with a solution that diagnoses potential Java Virtual Machine (JVM) performance issues, a valued capability given the increase in Java applications running on mainframes.

Improve the mainframe developer and systems programmer experience with a contribution to the Open Mainframe Project's Zowe framework.

Protect Access to Privileged Accounts

The fastest route to mainframe data is through privileged accounts, as well as supervisor and credentialed-call activities. These accounts can be compromised by external attackers or malicious internal users who can issue call activities that allow them to access and steal valuable data. Even worse, once compromised, they are an effective way for attackers to deploy ransomware, avoid detection, and increase their dwell time.

The new and expanded supervisor call screener and Unix® System Service (USS) data enrichment for the BMC AMI Security solution surfaces calls that might indicate malicious activities and quickly shows user actions with superuser privileges. This solution provides all BMC AMI Security customers with an added level of security protection against compromised privileged user accounts to stop and prevent threat campaigns, insider theft, or unseen privilege levels that may lead to future attacks.

According to Forrester¹, "Whether accidental or malicious, insider incidents can result in financial fraud, privacy abuses, intellectual property theft, or damage to infrastructure. It's difficult for security pros to detect this suspicious activity because insiders need to have privileged access to data to do their jobs. Since insiders are people and, therefore, entitled to privacy and due process, security pros must handle these incidents with greater care than external threats."

Increase Developer Agility and Enable Faster Application Updates

BMC continues to expand access to mainstream DevOps-enabled tools to empower mainframe developers across all experience levels to deliver modern mainframe applications.

According to the 2021 BMC-commissioned Forrester Consulting study, "Modernizing Mainframe Development Tools Can Help Drive Greater ROI," over three quarters of developers indicated the mainframe is of utmost importance to their organization. However, 8 out of 10 stated their mainframe development tools need significant improvement to provide more value. The study concluded that teams with modern tools are further along in their efforts to create modern mainframe applications and have fewer issues with skills gaps and top talent acquisition.

The BMC Compuware ISPW solution now integrates with GitHub Actions and HCL Launch to further automate the mainframe application development and deployment process, reducing cost and complexity.

GitHub Actions and HCL Launch extend the existing built-in CI/CD integrations in the BMC Compuware ISPW solution, which include Jenkins, Git, GitLab, GitHub, VS Code, and REST APIs. With GitHub Actions, users can reduce errors and improve application quality by setting up CI/CD pipelines with automated workflows.

HCL Launch enables developers to orchestrate automated deployments across multiple environments with a single click. HCL Launch also broadens the existing CD integrations from BMC with Digital.ai Release and CloudBees Flow to make deployments faster and easier.

Customers can now also use an HCL Launch plug-in for the BMC AMI DevOps for Db2 solution to automatically capture and propagate database changes across Db2® environments, in addition to Jenkins and IBM® UrbanCode® Deploy.

Quickly Identify Java Performance Issues

The BMC AMI Ops Monitor for Java Environments solution automatically discovers all JVMs across z/OS®. It enables users to find and fix problems quickly by identifying performance issues caused by JVMs and understanding their impact on other workloads. New, extended capabilities ensure higher availability and better response time by enabling the mainframe to take diagnostic actions and see information about the APIs and services used by JVMs.

BMC Joins The Open Mainframe Project's Zowe

The new Workflow WiZard tool from BMC has been accepted as part of the Open Mainframe Project's Zowe, an integrated and extensible open source framework for z/OS. Workflow WiZard makes the job of developers and systems programmers easier by streamlining the installation, configuration, and maintenance of IBM and ISV z/OS software products. This contribution emphasizes the company's commitment to the Open Mainframe Project and provides an opportunity to collaborate with the mainframe community and increase innovation on the z/OS platform.

"Clients rely on BMC to support their mainframe transformation. We prevent insider threats to the mainframe, increase software delivery, quality, velocity, and efficiency, and strengthen operational resilience," said John McKenny, Senior Vice President and General Manager, Intelligent Z Optimization and Transformation at BMC. "With new and expanded capabilities for our BMC AMI and BMC Compuware solutions, they can continue to turn the mainframe into a hub of innovation for every Autonomous Digital Enterprise."

Terms of Use | Copyright © 2002 - 2021 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement