So, while it used to be true the SECINT ++ASSIGNS had to be downloaded from resourcelink and received into SMPE to get the PTF’s flagged, that is no longer true. SECINT labels now come as part of normal hold data. So, as long as your z/OS sysprog is applying SECINT PTF’s you should be covered.
IBM is now marketing a new tool called IBM Concert that appears to nicely tie together vulnerabilities, and what you have or do NOT have applied to your environment amongst many other features. It is a chargeable product, although IMO the vulnerability piece of it should be a freebie. https://www.ibm.com/products/concert-for-z _______________________________ Dave Jousma Vice President | Director, Platform Engineering Fifth Third Bank | 38 Fountain Square Plaza | Cincinnati, OH. 45202 From: IBM Mainframe Discussion List <[email protected]> on behalf of [email protected] <[email protected]> Date: Thursday, June 4, 2026 at 10:40 AM To: [email protected] <[email protected]> Subject: SECINT fixes - Responsability CAUTION EXTERNAL EMAIL This message came from outside your organization. DO NOT open attachments or click on links from unknown senders or unexpected emails. Report Suspicious<https://us-phishalarm-ewt.proofpoint.com/EWT/v1/MwwqYLOC6b6whF7V!rdOKOT_ojsBBUYQaTNgPVyMBTHkqJ1xOM4yNTvICLqi7sF9GGEm_7Hr1Yv875TB7o2HW9-jOPZEPwK5jC3rjumwEj_xrOfbjs58$> Hi! I work as a RACF administrator. In our shop, Sysprogs belong to a separate department. As a security administrator, I have been authorized to access the "IBM Security Portal". I see there that IBM regularly updates a list of SECINT APARs (and also issue more detailed "Security Notices", often describing a security problem and its solution, if any). Question:What role do you think should review this list of SECINT APARs and evaluate what PTFs should be applied:Security Admin?Sysprog?Both (working together)? Thanks in advance for your help, Juan Mautalen ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
