Learn more about this series and see the Top 10 below and in this flyer.
Zero Trust Frameworks: The Missing Piece To Mainframe Security
Date and Time: Thursday, October 14 | 10:00 a.m. CDT
Speaker: Ray Overby, Chief Technology Officer, Key Resources, Inc.
Mainframes are a critical aspect to achieving business success, but organizations still aren’t prioritizing mainframe security. Zero Trust Frameworks will, not only secure the mainframe and prevent data breaches and malware propagation, but they also create a strong value proposition for investing in mainframe security. While end-point focused security solutions have evolved, ransomware and malware continue to impact enterprises. The mainframe is susceptible to these attacks. The application of Zero Trust strategies on the mainframe can and will mitigate these attacks.
Key Takeaways:
- What you need to do to first before you implement a Zero Trust mainframe strategy
- Why segmentation cannot stop at the perimeter firewalls
- Why excessive privileges, shared accounts and credentials will lead to an escalation of authority on your mainframe
- How to reduce the attack surface on your mainframe using a Zero Trust framework
Regsiter Now
Finding #9: Excessive Access to z/OS UNIX File System Data Sets
Date and Time: Thursday, October 28 | 10:00 a.m. CDT
Speaker: Ross Cooper, Senior Software Engineer, IBM Corporation
Hear from security experts how to find, report and remedite #9 - excessive access to z/OS UNIX File System Data Sets for CA ACF2, IBM RACF and CA Top Secret.
Register Now
USS Exploits
Date and Time: Thursday, November 11 | 10:00 a.m. CDT
Speakers: Mark Wilson, Technical Director, BMC Software, and Chad Rikansrud, NetSPI
So you’ve got your ESM and z/OS locked down, after years of pentesting, security assessments and remediations right? Good for you! What about Unix Systems Services? What if we told you there are just as many, if not more, ways to compromise a z/OS system from Unix System Services – some of which might be better known to non-mainframers! Join Mark and Chad as we walk you through a number of actual attacks which are viable from USS and why your organization is likely unprepared to thwart them!
Register Now
Finding #8 / #7: Excessive Access to APF Libraries / Excessive Access to SMF Data Sets
Date and Time: Thursday, December 2 | 10:00 a.m. CDT
Speaker: Brian Marshall, President, Vanguard Integrity Professionals
Hear from security experts how to find, report and remediate #8 & #7 - excessive access to APF libraries and SMF data sets for CA ACF2, IBM RACF and CA Top Secret.
Register Now
Real world red team engagement leveraging APF authorized libraries to steal data
Date and Time: Thursday, December 16 | 10:00 a.m. CDT
Speaker: Phil Young, Co-founder of zedsec 390
Check back for more details, coming soon.
Register Now
Finding #6: Improper Use or Lack of UNIXPRIV Profiles
Date and Time: Thursday, January 20 | 10:00 a.m. CDT
Speaker: Steve Hosie, Senior Principal Mainframe Security Advisor, Broadcom
Hear from security experts how to find, report and remediate #6 - improper use or lack of UNIXPRIV profiles for CA ACF2, IBM RACF and CA Top Secret.
Register Now
Back to Basics
Date and Time: Thursday, February 10 | 10:00 a.m. CDT
Speaker: Carla Flores, Client Services Consultant, Broadcom
Check back for more details, coming soon.
Register Now
Finding #5: Started Task IDs are not Defined as PROTECTED IDs
Date and Time: Thursday, February 24 | 10:00 a.m. CDT
Speaker: John Crossno, Principal Product Manager, ASG Technologies
Hear from security experts how to find, report and remediate #5 - for started task IDs are not defined as PROTECTED IDs for CA ACF2, IBM RACF and CA Top Secret.
Register Now
50 Years of the SHARE Security Project
Date and Time: Thursday, March 10 | 10:00 a.m. CDT
Speakers: Barry Schrager, designer and primary author of the mainframe ACF2 Security System, and John Pinkowski, Broadcom
More details coming soon.
Register Now
Finding #4: Critical Data Sets with Global Access Greater than READ
Date and Time: Thursday, March 24 | 10:00 a.m. CDT
Speaker: Marlaina Chidron, Product Manager, Vanguard Integrity Professionals
Hear from security experts how to find, report and remediate #4 - critical data sets with global access greater than READ for CA ACF2, IBM RACF and CA Top Secret.
Register Now
Crypto Lockdown
Date and Time: Thursday, April 14 | 10:00 a.m. CDT
Speaker: Eysha Shirrine Powers, Enterprise Cryptography, IBM Corporation
Join this session to learn best practices for securing your crypto environment. Activate SAF profiles to protect ICSF resources using the CSFSERV, CSFKEYS, CRYPTOZ and DATASET classes. Use the TKE workstation to configure access control points for Crypto Express HSMs. Determine the tradeoffs of various configuration settings.
Register Now
Finding #3: Sensitive Data Sets with global access Greater than NONE
Date and Time: Thursday, April 28 | 10:00 a.m. CDT
Speaker: Byron Smith, Technical Engineer II, M&T Bank
Hear from security experts how to find, report and remediate #3 - sensitive data sets with global access greater than NONE for CA ACF2, IBM RACF and CA Top Secret.
Register Now
Finding #2: Inappropriate Usage of z/OS UNIX Superuser Privilege, UID = 0
Date and Time: Thursday, May 26 | 10:00 a.m. CDT
Speaker: Robert Hansel, President, RSH Consultant
Hear from security experts how to find, report and remediate #2 - inappropriate usage of z/OS UNIX superuser privilege, UID = 0 for CA ACF2, IBM RACF and CA Top Secret.
Register Now
Finding #1: Excessive Number of User IDs with No Password Interval
Date and Time: Thursday, June 23 | 10:00 a.m. CDT
Speaker: Brian Marshall, President, Vanguard Integrity Professionals
Hear from security experts how to find, report and remediate #1 - excessive number of user IDs with no password interval for CA ACF2, IBM RACF and CA Top Secret.
Register Now
SHARE Security Series - Expert Panel Session
Date and Time: Thursday, July 21 | 10:00 a.m. CDT
Speakers: All
Attend the wrap-up of the SHARE Security Series to hear from the security experts on what they see as the next security challenge. This is your opportunity to get outstanding questions answered and provided feedback on what you want to hear next.
Register Now