Security Information & Event Management Blog | SIEM

InfoSec Firsts: CorreLog and XBridge Combine to Unveil the Industry's First Data Loss Prevention (DLP) and Real-Time SIEM for z/OS at SHARE San Antonio

Posted by Tony Perri on Mar 2, 2016 12:02:09 PM

Information and innovation are the most valuable commodities in our increasingly digital world. Thanks to the IT revolution, we now enjoy virtually instant categorization and access to key enterprise data assets. The downside? Many organizations have consolidated their most sensitive Intellectual Property (IP) and consumer identity data in one very predictable spot – mainframes. There can be no doubt where internal and nation-state cyber-thieves have focused their attention.

The innovative technology that brought us here is the same technology blanketing the dynamic world of IT with the burden of too much complexity. IT security visibility is blinded and made lethargic by the mutually repellent worlds of distributed and mainframe networks. And because we've naturally assumed our mainframes are secure, we've taken for granted how their purpose and relevance have changed over time.

Mainframes are no longer convoluted iron fridges locked in a basement somewhere. They're connected daily to the internet now, and they process the overwhelming majority of credit card transactions and global stock trades, among many other critical financial and enterprise functions. For 71% of Fortune 500 companies, mainframes continue to be the reliable, efficient beasts of labor trusted to handle their toughest payloads and store their most critical datasets. 96 of the world's top 100 banks, 23 of the top 25 US retailers, and 9 of the 10 largest insurance companies in the world rely on IBM's mainframes for their key business functions and data storage.

Mainframes will process 30 billion transactions today, and one of them will likely be yours. In spite of this massive volume, many mainframes still suffer from a threefold security and compliance conundrum:

  1. False assumptions that mainframe security is sufficient
  2. Hindered visibility and identification of key enterprise IP and customer datasets
  3. Few software vendors have a reliable way to monitor these critical datasets in real time for quick remediation; the risk of a hack is always a possibility, regardless of preparation.

Many times, organizations don't know where the data they are most responsible for protecting resides, nor do they know where all of their applications are. They don't have real-time notification functionality informing them of unauthorized access to, or manipulation of, key datasets. Every minute without notification following a breach creates another minute for data exfiltration.

CorreLog, Inc. and XBridge Systems, Inc. have combined their individual solutions to solve these security and compliance issues by creating CorreLog SIEM Agent for z/OS with XBridge's DataSniff: the industry's only automated discovery tool for Data Loss Prevention (DLP) and real-time Security Information and Event Management (SIEM) correlation for z/OS.

XBridge's Data Loss Prevention technology, DataSniff, is an automated mainframe data discovery tool used to locate sensitive data as a prerequisite to data classification, database auditing, compliance, data security and/or Identity and Access Management (IAM) initiatives. CorreLog's SIEM Agent for z/OS digests these identified “at risk” datasets, converts SMF logs into syslogs, and furnishes real-time notifications for any unauthorized accesses or changes of these datasets. 

CorreLog’s Visualizer™ is the user interface layer that provides visibility for these two systems in a standard, simplified SIEM, accessible from any standard web browser. Both DataSniff and SIEM Agent for z/OS are compatible with IBM QRadar, HP ArcSight, and RSA Security Analytics (EMC), and are critical components for compliance initiatives such as PCI DSS, HIPAA/HITECH, Sarbanes-Oxley, IRS Pub. 1075, GLBA and other data security standards.

You can find more information on SHARE San Antonio events via their agenda at

To learn more about real-time monitoring and identification of your organization’s key datasets for premium security and compliance functionality, view product details and the SIEM Agent for z/OS with XBridge's DataSniff datasheet at

Topics: compliance standards, automated threat detection, PCI DSS compliance, Log Management, enterprise SIEM system, z/OS security, mainframe security
