Afail.it doesbn't support tss. Only acf2 & racf. Aid for real mf experts. Tells only if you are in compliance or not but don't have the stig best practice text. It is also human intensive and you'll send days & cpu to collect data (separate phase) and manually report on each lpar. Regulation requires ibdependent assessment so it wan't help you (but may be the expert you'll rent, so no intetest).
Cybersecurity is dynamic. How a annual assessment helps you if during the year and even during assessment a security control already reviewed has been changed? Will u be vulenarable a whole year? Iscm is the only methode to keep an eye open on your maingframe security. ITschak בתאריך יום ה׳, 19 באפר׳ 2018, 18:01, מאת Dyck, Lionel B. (TRA) < [email protected]>: > I've been asked to look into IBM's zSecure Audit for use with CA Top > Secret and for DISA STIG compliance. > > Can anyone provide me with an unbiased review on the pros/cons of this > product? > > Feel free to e-mail me directly. > > Thank you > > -------------------------------------------------------------------------- > Lionel B. Dyck (Contractor) <sdg>< > Mainframe Systems Programmer - RavenTek Solution Partners > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
