Jed Lampi, Marketing LeadVitalSigns SIEM Agent for z/OS (VSA) fills a major gap in your enterprise security infrastructure by delivering z/OS event records to your SIEM solution in real time.
Implementing a z/OS SIEM agent like VSA is the most practical and useful way to view important z/OS security events while fulfilling event logging compliance requirements (SOX, PCI, HIPAA, and others).
VSA:
- Integrates with any distributed SIEM product
- Gathers intelligence from z/OS SMF and the system operator interface
- Uses both signature- and anomaly-based attack detection
- Provides real-time alerts that can be managed, filtered, routed, and searched via SIEM software
- Provides APIs that allow for defining and filtering TSO, CICS, and batch events
With the advanced, hyper-granular filtering options now available in VSA, clients have more control over what is sent to their distributed SIEM solution. Go beyond simply satisfying compliance requirements and make meaningful security improvements with VSA.
VSA has a data dictionary that contains over 900 defined fields and Boolean values. Together with filtering semantics, this gives you unprecedented control over the decision to escalate an SMF record into a SIEM event or drop it from consideration.
By employing the filtering capabilities of VSA, you’ll limit the amount of superficial and misleading data delivered to your SIEM, which can significantly cut SIEM license charges and dramatically reduce the number of false alarms.
Since 1982, Software Diversified Services has provided the highest quality mainframe software, documentation, and award-winning expert service with an emphasis on security, encryption, data compression, and network monitoring.
SDS
https://www.sdsusa.com/