Education

SHARE Security and Compliance Webcast Series: Top 10 Security Vulnerabilities

Learn more about this series and see the Top 10 below and in this flyer.


Zero Trust Frameworks: The Missing Piece To Mainframe Security

Date and Time: Thursday, October 14 | 10:00 a.m. CDT
Speaker: Ray Overby, Chief Technology Officer, Key Resources, Inc.

Mainframes are a critical aspect to achieving business success, but organizations still aren’t prioritizing mainframe security.  Zero Trust Frameworks will, not only secure the mainframe and prevent data breaches and malware propagation, but they also create a strong value proposition for investing in mainframe security.  While end-point focused security solutions have evolved, ransomware and malware continue to impact enterprises. The mainframe is susceptible to these attacks.  The application of Zero Trust strategies on the mainframe can and will mitigate these attacks.  

Key Takeaways:

  • What you need to do to first before you implement a Zero Trust mainframe strategy
  • Why segmentation cannot stop at the perimeter firewalls 
  • Why excessive privileges, shared accounts and credentials will lead to an escalation of authority on your mainframe
  • How to reduce the attack surface on your mainframe using a Zero Trust framework

Regsiter Now


Finding #9:  Excessive Access to z/OS UNIX File System Data Sets  

Date and Time: Thursday, October 28 | 10:00 a.m. CDT
Speaker: Ross Cooper, Senior Software Engineer, IBM Corporation

Hear from security experts how to find, report and remedite #9 -  excessive access to z/OS UNIX File System Data Sets for CA ACF2, IBM RACF and CA Top Secret.        

Register Now


USS Exploits

Date and Time: Thursday, November 11 | 10:00 a.m. CDT
Speakers: Mark Wilson, Technical Director, BMC Software, and Chad Rikansrud, NetSPI

So you’ve got your ESM and z/OS locked down, after years of pentesting, security assessments and remediations right?  Good for you! What about Unix Systems Services? What if we told you there are just as many, if not more, ways to compromise a z/OS system from Unix System Services – some of which might be better known to non-mainframers!  Join Mark and Chad as we walk you through a number of actual attacks which are viable from USS and why your organization is likely unprepared to thwart them!

Register Now


Finding #8 / #7:  Excessive Access to APF Libraries / Excessive Access to SMF Data Sets

Date and Time: Thursday, December 2 | 10:00 a.m. CDT
Speaker: Brian Marshall, President, Vanguard Integrity Professionals

Hear from security experts how to find, report and remediate #8 & #7 - excessive access to APF libraries and SMF data sets for CA ACF2, IBM RACF and CA Top Secret.  

Register Now


Real world red team engagement leveraging APF authorized libraries to steal data

Date and Time: Thursday, December 16 | 10:00 a.m. CDT
Speaker: Phil Young, Co-founder of zedsec 390 

Check back for more details, coming soon.

Register Now


Finding #6:  Improper Use or Lack of UNIXPRIV Profiles

Date and Time: Thursday, January 20 | 10:00 a.m. CDT
Speaker: Steve Hosie, Senior Principal Mainframe Security Advisor, Broadcom

Hear from security experts how to find, report and remediate #6 - improper use or lack of UNIXPRIV profiles for CA ACF2, IBM RACF and CA Top Secret.   

Register Now


Back to Basics 

Date and Time: Thursday, February 10 | 10:00 a.m. CDT
Speaker: Carla Flores, Client Services Consultant, Broadcom

Check back for more details, coming soon.

Register Now


Finding #5:  Started Task IDs are not Defined as PROTECTED IDs  

Date and Time: Thursday, February 24 | 10:00 a.m. CDT
Speaker: John Crossno, Principal Product Manager, ASG Technologies

Hear from security experts how to find, report and remediate #5 -  for started task IDs are not defined as PROTECTED IDs for CA ACF2, IBM RACF and CA Top Secret. 

Register Now


 50 Years of the SHARE Security Project

Date and Time: Thursday, March 10 | 10:00 a.m. CDT
Speakers: Barry Schrager, designer and primary author of the mainframe ACF2 Security System, and John Pinkowski, Broadcom

More details coming soon.

Register Now


Finding #4:  Critical Data Sets with Global Access Greater than READ      

Date and Time: Thursday, March 24 | 10:00 a.m. CDT
Speaker: Marlaina Chidron, Product Manager, Vanguard Integrity Professionals

Hear from security experts how to find, report and remediate #4 - critical data sets with global access greater than READ for CA ACF2, IBM RACF and CA Top Secret.     

Register Now


Crypto Lockdown

Date and Time: Thursday,  April 14 | 10:00 a.m. CDT
Speaker: Eysha Shirrine Powers, Enterprise Cryptography, IBM Corporation

Join this session to learn best practices for securing your crypto environment. Activate SAF profiles to protect ICSF resources using the CSFSERV, CSFKEYS, CRYPTOZ and DATASET classes. Use the TKE workstation to configure access control points for Crypto Express HSMs. Determine the tradeoffs of various configuration settings.

Register Now


Finding #3:  Sensitive Data Sets with global access Greater than NONE  

Date and Time: Thursday,  April 28 | 10:00 a.m. CDT
Speaker: Byron Smith, Technical Engineer II, M&T Bank

Hear from security experts how to find, report and remediate #3 - sensitive data sets with global access greater than NONE for CA ACF2, IBM RACF and CA Top Secret. 

Register Now


Finding #2:  Inappropriate Usage of z/OS UNIX Superuser Privilege, UID = 0

Date and Time: Thursday,  May 26 | 10:00 a.m. CDT
Speaker: Robert Hansel, President, RSH Consultant

Hear from security experts how to find, report and remediate #2 - inappropriate usage of z/OS UNIX superuser privilege, UID = 0 for CA ACF2, IBM RACF and CA Top Secret.  

Register Now


Finding #1:  Excessive Number of User IDs with No Password Interval

Date and Time: Thursday,  June 23 | 10:00 a.m. CDT
Speaker: Brian Marshall, President, Vanguard Integrity Professionals

Hear from security experts how to find, report and remediate #1 - excessive number of user IDs with no password interval for CA ACF2, IBM RACF and CA Top Secret.  

Register Now


SHARE Security Series - Expert Panel Session

Date and Time: Thursday,  July 21 | 10:00 a.m. CDT
Speakers: All 

Attend the wrap-up of the SHARE Security Series to hear from the security experts on what they see as the next security challenge.  This is your opportunity to get outstanding questions answered and provided feedback on what you want to hear next.  

Register Now