IBM® Security zSecure™ Audit for ACF2 enables you to detect and report security events and exposures on mainframes. It works with IBM z/OS®, IBM MQ for z/OS, IBM DB2®, IBM CICS®, UNIX, Linux on IBM z Systems™ and CA ACF2. It analyzes ACF2 databases and enables you to create reports about ACF2 definitions such as login ID and rules.

IBM Security zSecure Audit for ACF2 provides integration with IBM Security QRadar® SIEM to help ensure the mainframe is included as part of enterprise-wide security monitoring. Versions of IBM Security zSecure are also available for IBM Resource Access Control Facility (RACF®) and CA Top Secret.

IBM Security zSecure Audit for ACF2:

  • Identifies security weaknesses to help minimize the risk of exposures and costly breaches
  • Automates audit and compliance reporting tasks across multiple logical partitions (LPAR) and tracks and monitors security baseline and sensitive resources
  • Offers extensive coverage of SMF records and pre-defined event reports to enable you to report on user behavior and identify users who can circumvent system security
  • Provides compliance framework testing for Sarbanes-Oxley Act (SOX), Payment Card Industry Data Security Standard (PCI DSS) and Security Technical Implementation Guide (STIG)
  • Provides visibility of the ACF2 database to help identify critical changes, differences, inconsistencies or misconfigurations that cause security issues