Mainframe SIEM Solutions

CorreLog Mainframe solutions are designed to deliver real-time notifications from RACF, ACF2, Top Secret, DB2 and IMS directly to any Windows- or UNIX-based Security Information & Event Management (SIEM) system.

Our flagship mainframe SIEM product is zDefender™ for z/OS, the industry-leading software tool for getting real-time mainframe (z/OS) security events into distributed SIEMs and Security Operations Centers (SOC).

CorreLog mainframe SIEM solutions are highly interoperable and we have certified integrations with the following distributed SIEM systems:

  • IBM Security QRadar SIEM
  • Micro Focus ArcSight SIEM
  • EMC RSA Security Analytics
  • Intel Security – McAfee ESM
  • NNT Solutionary
  • Micro Focus NetIQ

Additionally, zDefender™ for z/OS has field integrations with Splunk, LogRhythm, Dell SecureWorks, and many others.

zDefender™ for z/OS

zDefender™ for z/OS protects your mainframe from internal and external intrusion with real-time alerts to any SIEM or SOC. It can log all privileged user activity, including any attempt to delete a user’s audit trail.

dbDefender™ for Db2

dbDefender™ for z/OS provides Database Activity Monitoring (DAM) for your Db2 and IMS databases with real-time alerts to any SIEM or SOC. It can log all privileged user activity, including attempts to alter or delete audit trails.

dbDefender™ for McAfee DAM

dbDefender™ for McAfee is the McAfee-certified DAM tool for monitoring privileged users and other activity within Db2 databases, and sending real-time notifications to McAfee ESM.

zDefender™ for IND$FILE

zDefender™ for IND$FILE provides log tracking for TN3270 file access/transfers that are otherwise invisible to z/OS subsystem (RACF, ACF2, etc.) monitoring. It logs all activity in real time and sends event messages to any SIEM or SOC.

File Integrity Monitoring for z/OS

For z/OS security compliance with PCI DSS and other standards-based File Integrity Monitoring stipulations, zDefender™ audits accesses, views, and/or alterations to z/OS installation files in real time and sends security notifications to any SIEM or SOC.

zDefender™ Visualizer for z/OS

zDefender™ Visualizer is an affordable, web-based SIEM designed for security admins or any user you designate. It provides functional dashboard views and event correlation for real-time z/OS security alerts.

Resources

CorreLog Mainframe White Paper

CorreLog SIEM Server Brochure
