Compuware’s integration with CorreLog provides security and compliance teams with vital mainframe application-level insight to reduce cybersecurity threats and meet compliance mandates.

Problems Solved

Large enterprises have historically lacked insight into mainframe application user behavior, instead relying on disparate logs and SMF data from security products to piece together user activity information. Highly advanced IT security organizations may even go as far as to apply advanced analytics to these logs to deduce who did what, when. Without the ability to capture complete, rich start-to-finish mainframe user session activity data in real time, enterprises cannot effectively meet cross-platform enterprise cybersecurity demands and increasingly burdensome global compliance mandates.

Enterprises can send Compuware Application Audit’s rich user behavior data to CorreLog® zDefender™ for z/OS, which delivers the data along with event messages from z/OS into multiple SIEM engines. These integrations are particularly useful for discovering and addressing security issues associated with applications whose components run on both mainframe and non-mainframe platforms.

How the Integration Works

  • Application Audit captures all mainframe session behavior including successful logins, session keyboard commands and menu selections, specific data browsed, and more.
  • The data is sent to zDefender for z/OS in the form of SMF records, which zDefender for z/OS can then use in its own alerting and dashboard applications—or, in real time, pass along to Hadoop or leading SIEM solutions such as HPE ArcSight, IBM® QRadar®, Splunk® and others.