Archive

Agenda from Wednesday 11 June 2025 Meeting

Setting up a z/OS Honey Pot ,Kev Milne, NatWest
The Complete View of z/OS Certificates (Wai Choi, IBM)
RACF Update for z/OS 3.1 and More! (Mark Nelson and Assorted RACF Developers, IBM)
Is that Unusual?  Finding Needles in Haystacks  (Bryan Childs, IBM)
The Pervasive Encryption Journey (Gregg Arquero, IBM)

 

Agenda From October 2024 Meeting

 

 

---

 

Agenda from May 2024 Meeting

• “z/OS UNIX Security Overview“, Bruce Wells, IBM
•  “RACF Update“, Assorted RACF Developers, IBM
•  “CIS Benchmark Discussion“, Mark Nelson, IBM
• “z/VM Security Best Practices“, Brian Hugenbruch, IBM
•  “System Integrity: Don’t be the One:  How One Line of Code can Compromise System Integrity“, Scott Wooley & Mike Kasper, IBM

 

---

Agenda for Wednesday 11 October  2023

• “SDSF Security – How Does it Work on z/OS V2R5”, Rob Scott, Rocket Software
• “RACF Update”, Ross Cooper, IBM
• RACF PassTickets Overview”, Julie Bergh, Ross Cooper, IBM 15:00 – 15:10 Break
• “zERT Overview and zERT Network Analyzer”, Ed Seidl, IBM

---

Handouts for Wednesday 17 May 2023

• “Key Rotation – Who? What? When? Where? Why? (But not necessarily in that order)“, Greg Boyd, Mainframe Crypto
•  “RACF Update”, Ross Cooper, IBM
•  “Quantum Safe z”, Bryan Childs, IBM, the Quantum z sage
•  “z Security & Compliance Center”, Julie Bergh, IBM
•  “SMP/E Package Signing”, Kurt Quackenbush, IBM

---

Handouts for the October 22, 2020 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

 

• JSON Web Tokens and RACF RACF Identity Token Support — Ross Cooper of IBM
• Key Rotation Why? Which? When? How? Who? — Greg Boyd of MainframeCrypto
• zOSMF_V2.4 — Julie Bergh of Rocket Software

---

Handouts for the May 12, 2020 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

• RACF for DB2 Control – Beyond the Basics –Dough Behrends of Vanguard Integrity Professionals
• 02 MQ_Security_and_RACF_NYRUG_May2020

---

Handouts for the May 15, 2019 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

• RACF Monitoring and Reporting how to maximize your SIEM ROI — Bob Hansel of RSH Consulting
• Securing TCPIP Today Before You’re Sorry Tomorrow — Joel Tilton

---

Handouts for the October 4, 2018 joint NYRUG and Tampa and Raleigh RUG Meeting may be found at:

• Converting_RACF_Name_and_Range_Table_to_Parmlib.pdf — Adam Klinger
• MFA (Multi-Factor-Authentication) Viewed from the Mainframe Myths: Lessons Learned — Jim Porell, Rocket Software
• Activating FSEXEC — Joel Tilton

---

Handouts for the May 9, 2018 NYRUG and Tampa Bay RUG Meetings may be found at:

• Securing Your Job With JESJOBS — Joel Tilton
• Change is Coming GDPR; NYCRR 500; PCI (Three regulatory changes that will affect our job) — Scott Brod of Bank Hapoalim for Vanguard Integrity Professionals

---

Handouts for the November 14, 2017 NYRUG and Tampa Bay RUG Meetings may be found at:

• Practical Implementation of IBM MQ on z/OS — Tony Nix of Vanguard Integrity Professionals

---

Handouts for the March 15, 2017 NYRUG and Tampa Bay RUG Meetings may be found at:

(to be provided here as they are made available)

• How Internal Control Translates Into RACF — David Hayes

---

Handouts for the October 19, 2016 NYRUG and Tampa Bay RUG Meetings may be found at:

• Shared Operations Model Across System z and What It Means for Other Systems — Jim Porell of James Porell Consulting, LLC
• The Evolution of RACF Passwords — Jim McNeill of Vanguard Professional Services
• Experiences with Two Factor authentication on z/OS — Simon Dodge of Wells Fargo

---

Handouts for the April 20, 2016 NYRUG and Tampa Bay RUG Meetings may be found at:

• KDFAES Walkabout (Enhanced Version) — Joel Tilton
• Using SERVAUTH NETACCESS to Restrict Inbound IP Traffic — Aron Eisenpress of City University of New York
• High Expectations – Our Systems are like Airplanes — David Hayes of GAO and Mark Nelson of IBM
• The State of System Controls — David Hayes of GAO

---

Handouts for the November 20, 2015 NYRUG and Tampa Bay RUG Meetings may be found at:

• Using NETACCESS to restrict outside access via TCP/IP (more detail coming at Spring 2016 meeting) — Aron Eisenpress
• Top Five Assessment Findings — Brian Marshall of Vanguard Integrity Professionals
• How_Well_Is_Monitoring_Working — David Hayes of GAO

---

Handouts for the April 16, 2015 NYRUG and Tampa Bay RUG Meetings may be found at:

• RACF and TSO — Bob Hansel of RSH Consulting
• Taking The Sword Out Of Password — Bruce Wells of IBM
• My Adventures with TCP/IP Port Access Security and RACF on z/OS — Joel Tilton
• What’s Cool About the CONNECT Command — Stu Henderson of the Henderson Group

---

Handouts for the November 25, 2014 NYRUG and Tampa Bay RUG Meetings may be found at:

• My Adventures with TCP/IP Port Security and RACF on z/OS — Joel Tilton
• Securing JES Resource Classes — Jim McNeill of Vanguard Integrity Professionals
• RACF Update — Mark Nelson of IBM
• Targeting Audit Attention Strategies for Assessing Risk: Learning from Experience — Stu Henderson and David Hayes

---

Handouts for the April 23, 2014 NYRUG and Tampa Bay RUG Meetings may be found at:

• An Auditor’s Current View on Risk and and Audit Strategy — David Hayes of GAO
• The Mainframe Is Not Dead Call the Doctor Not the Undertaker — Charles Mills of Correlog
• Migrating DB2 Security to RACF — Doug Behrends of Vanguard Integrity Professionals
• Tutorial: Lessons From a Real Mainframe Break-In Over the Internet — Stu Henderson of the Henderson Group

---

Handouts for the October 15, 2013 NYRUG and Tampa Bay RUG Meetings may be found at:

• Implementing SERVAUTH CLass Profiles — Jim McNeill of Vanguard Integrity Professionals
• z/OS 2.1 Security Updates — Julie Bergh of IBM

---

Handouts for the March 12, 2013 NYRUG and Tampa Bay RUG Meetings may be found at:

• Beyond Best Practices: The DISA STIGs — Jim McNeill of Vanguard Integrity Professionals
• TUTORIAL: PROTECTING EVERY PATH INTO YOUR SYSTEM WITH RACF — Stu Henderson
• My adventures in PCI: FTP, TLS, and SMF — Joel Tilton

---

Handouts for the October 23, 2012 NYRUG and Tampa Bay RUG Meetings may be found at:

• Practical Tips for z/OS Vulnerability Scanning — Ray Overby of Key Resource, Inc.
• Tutorial: RACF Dataset Protection — Stu Henderson

---

Handouts for the March 27, 2012 NYRUG and Tampa Bay RUG Meetings may be found at:

• Review of RACF SETROPTS – a tutorial — Stu Henderson
• How to Break Into z/OS Systems — Stu Henderson

---

Handouts for the November 1, 2011 NYRUG and Tampa Bay RUG Meetings may be found at:

• Identity Propagation – Distributed Platforms to z/OS — Simon Dodge

---

Handouts for the October 26, 2010 NYRUG and Tampa Bay RUG Meetings may be found at:

—Handouts Not From IBM:—

• Custom Fields Forever – Hayim Sokolsky
• Is Your zOS System Secure – Ray Overby
• Clear Explanation of Digital Certificates – Stu Henderson

---

Further info will be found in the next issue of the RACF USER NEWS