I don't know, but what the professional Pen Testers tell me is that they never fail to find things like that.
I've never met any group that never made a mistake, never had an "oops," never "missed something." Magic SVCs were widespread until recently. Has every single one vanished? Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Bill Johnson Sent: Thursday, October 7, 2021 3:21 PM To: [email protected] Subject: Re: Mainframe ransomware solution You’d have to be a poorly run shop to permit any of those to occur. Maybe that’s why mainframe hacks have actually never happened.....Biden successfully extracted 124,000 from Afghanistan in a few weeks. Amazing. Sent from Yahoo Mail for iPhone On Thursday, October 7, 2021, 2:12 PM, Charles Mills <[email protected]> wrote: And assuming you never make a mistake. Never leave an APF data set unprotected. Never give the wrong person console authority. Fully understand APF on UNIX. Never have a Rexx PDS used by privileged users that is modifiable by others. Have no magic SVCs. Have no flawed APF code, no APF "tools" available inappropriately. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Radoslaw Skorupka Sent: Wednesday, October 6, 2021 2:13 PM To: [email protected] Subject: Re: Mainframe ransomware solution W dniu 05.10.2021 o 15:24, Tommy Tsui pisze: >> Hi > Any shop implement mainframe ransomware solution can share? IBM seems has > cyber vault to handle this. Is there any other solution available ? > Thanks for sharing <shameless mode> Yes, we have such solution. This is combination of the following products: 1. z/OS 2. RACF 3. Professional staff </shameless mode> Other means: RACF backup Safeguarded copy and other vendors' solutions audit procedures Note: all of the "solutions" marketed nowadays give you some cure *after breach happened*. However that means some problems. It is unlikely to restore with RPO=0. If you want RPO=0 then you should pay much more attention at prevention, which means ...no, NOT ANOTHER PRODUCT. Definitely first: professional staff, procedures, audit. And then maybe some tools. IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM, Safeguarded Copy... ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
