Mooodycow and Qualys - Protecting your Investment in zSystems LinuxONE
Today’s modern IBM mainframe is central to hybrid cloud environments, valued by two-thirds of the Fortune 100 as a highly secured platform for running mission-critical workloads. Not surprisingly, according to a recent IBM commissioned study by Celent, it is estimated that 70% of global bank cards and payment transactions run on IBM zSystems.
With this dependence on IBM zSystems for global payment transactions and the rise of modern, sophisticated cyber threats and ransomware attacks, increasing regulatory mandates, and exposure of data out of mainframes to hybrid cloud environments, organisations must act to decisively protect critical data, systems, and applications from compromise and implement robust security measures.
The global average data breach cost increased by 2.6% to USD 4.35 million in 2022, the highest since 2016. Not surprisingly, security system complexity, cloud migration, and compliance failures are among the top three factors associated with the highest net increase in the average cost.
Interesting Fact – Did you know that the average data breach lifecycle – the time elapsed between the first detection of the breach and its containment – was 277 days.
In addition to supporting payments architectures, zSystems LinuxONE is fast becoming the migration platform of choice for organisations looking to sunset AIX, HP-UX and Solaris platforms, owing to the commodity nature of the Linux distributions involved, combined with the 7-Nines availability (99.99999%) of the IBM zSystems mainframe platform.
Bringing Linux workloads to the mainframe increases the attack surface, adding more use of protocols like SSH and HTTP. Apart from the vulnerabilities in the baseline operating system, the vulnerable applications running on mainframes and the possibility of DDoS attacks on these crucial applications call for hardened configurations and continuous assessments.
Traditional security toolset for mainframes involved a number of point solutions and scripts, and visibility is limited to mainframe operators only, who would then compile a report, manually. Manual audit and Customised script methods are not scalable — Many organisations are not assessing their mainframes and DB2 databases for vulnerability management and configuration compliance, or if they are, they are doing so manually. Manual audit methods can only be applied selectively, waste time and organisations may lack the resources to update the scripts. Most auditors do not accept manual reports for security posture.
MooodyCow has been involved with Qualys for 5 years, and is very excited by this as there has been a clear evolution of Qualys delivery, leading towards full support for IBM zSystems LinuxONE, regardless of which Linux distribution is involved, including the major retail offerings like Redhat Enterprise Linux (RHEL), Canonical Ubuntu Linux and SuSE Linux Enterprise Server, as well as popular derivatives – building upon Qualys’ unrivalled and industry leading operating system coverage.
Qualys (QLYS) has been working to improve vulnerability management, compliance, patch management, support for hybrid and public clouds, and related areas, since 1999, and has exhibited strong growth since then.
With its latest offering, the Qualys Enterprise Trurisk Platform, security team members are able to communicate with their CISO and Board of Directors, using the language of risk to provide a simple metric that allows progress against securing critical systems to easily be tracked, leading to a bias for action.
Unrivaled coverage and accuracy
Support for over 70K CVEs and six sigma 99.99966% vulnerability scan detection accuracy.
Simplicity
All Qualys vulnerability assessment, risk prioritisation, and compliance capabilities are delivered with a single, configurable agent, which is easy to install, maintenance-free, self-updating, and self-healing.
Superior risk prioritisation
TruRisk automatically correlates vulnerabilities with threat intelligence sources in conjunction and asset criticality ratings so you can focus on the highest-risk vulnerabilities first.
Seamless integration for compliance
Qualys Policy Compliance allows users to improve their security posture by correlating threats with vulnerabilities and system and application misconfigurations.
Qualys Cloud Agent for zSystems LinuxONE
Product Page: https://www.qualys.com/ibm-zsystems-linuxone/
Setup video: https://vimeo.com/759295680
Data-driven Science behind Trurisk: https://blog.qualys.com/qualys-insights/2022/10/10/in-depth-look-into-data-driven-science-behind-qualys-trurisk