BMC Introduces Automated Detection and Response for Mainframe Security Operations

BMC, a global provider of IT solutions for the autonomous digital enterprise, has introduced new capabilities for the BMC AMI Security solution to automatically protect, detect, and respond to threats on the mainframe. The solution shares mainframe security events with enterprise security information and event management (SIEM) systems in real time, providing actionable insights for incident responders.

BMC Automated Mainframe Intelligence (AMI) helps businesses automatically manage, diagnose, heal, and optimize the mainframe. Built for intelligent automation, BMC AMI makes the mainframe smarter using AI, machine learning, predictive analytics, correlation, and pattern analysis.

According to BMC, organizations today amass and use data from across the enterprise, including the mainframe, to improve operations and customer experience. Zero-day threats, configuration weaknesses, and modern threats, such as ransomware, present risks to the sensitive data that live on mainframes.

The problem is that securing the mainframe requires skills that are in short supply. BMC AMI Security is designed to defend mainframes and surface findings that are actionable for incident responders, making both security and operations teams more efficient.

According to BMC, with the AMI Security solution, organizations can:

  • Automatically halt suspicious and known malicious actions: Automated protection, detection, and response to mainframe security events stops threats before systems are compromised, provides visibility into attack methods, and reduces mean time to repair (MTTR). Behavioral analytics operate in real time and trigger alerts for Indicators of Compromise (IOCs) on the mainframe. 
  • Close the window of opportunity for attackers to go undetected: Integrations with leading SIEMs give security teams visibility of actions occurring on the mainframe in real time, with a timeline of actions to quickly investigate threat events.
  • Secure critical data, uncover risks, and continuously harden the mainframe: One of the largest sets of IOCs based on attack behaviors is provided out of the box for faster investigations. Security practitioners can see all actions occurring on the mainframe to continuously monitor databases for suspicious activity.
  • Adhere to compliance demands with alerts, audits, and real-time visibility: Out-of-the-box reports, real-time alerts, and audit trails for production systems seamlessly work with all major SIEMs to help achieve key HIPAA, PCI DSS, and GDPR compliance mandates in minutes.
  • Simplify administration and operations: Automated password management improves the efficiency of users and the service desk. A graphical user interface simplifies basic management tasks, and auditable emergency access allows faster performance of essential services.

“As an enterprise system storing some of an organization’s most sensitive data, the mainframe is a target for attackers. If not properly secured, the mainframe can be compromised in minutes,” said John McKenny, senior vice president of ZSolutions Strategy and Innovation at BMC. “BMC AMI Security is the virtual, always-on security expert for the mainframe that enterprises need. Its ability to adapt to threats and help enterprises include the mainframe into their XDR strategy solves a potentially large gap in protecting sensitive data within every Autonomous Digital Enterprise.”

For more information, go to