Archive

From October 2024

Session	Speaker	Length	Start Time	End Time
Introduction/Agenda	Joel Tilton	0:05	10:00 AM	10:05 AM
Extended Compliance Reporting with zSCC	Marina Zografova, IBM zSecure Development	0:30	10:05 AM	10:35 AM
zSecure Admin Web UI	Akash Shah, IBM zSecure Development	0:30	10:35 AM	11:12 AM
Break		0:05	11:12 AM	11:20 AM
SDSF 3.1	Rob Scott, IBM	0:45	11:20 AM	12:07 PM
Lunch		0:35	12:07 PM	12:45 PM
Discovering Security Roles within CICS	Mark Pocock; John Taylor, IBM	1:00	12:45 PM	1:48 PM
Break		0:05	1:48 PM	1:55 PM
Five Minute Madness		0:20	1:55 PM	2:20 PM
IBM Threat Detection for z/OS	Anuja DeedWaniya, IBM	1:00	2:20 PM	2:55 PM
Break		0:05	2:55 PM	3:00 PM
How to Implement and Enforce Your Security Policy	Joel Tilton	1:00	3:00 PM	4:00 PM
Closing	Joel Tilton	0:05	4:00 PM	4:05 PM

---

Agenda from May 2024 Meeting

• “z/OS UNIX Security Overview“, Bruce Wells, IBM
•  “RACF Update“, Assorted RACF Developers, IBM
•  “CIS Benchmark Discussion“, Mark Nelson, IBM
• “z/VM Security Best Practices“, Brian Hugenbruch, IBM
•  “System Integrity: Don’t be the One:  How One Line of Code can Compromise System Integrity“, Scott Wooley & Mike Kasper, IBM

 

---

Agenda for Wednesday 11 October  2023

• “SDSF Security – How Does it Work on z/OS V2R5”, Rob Scott, Rocket Software
• “RACF Update”, Ross Cooper, IBM
• RACF PassTickets Overview”, Julie Bergh, Ross Cooper, IBM 15:00 – 15:10 Break
• “zERT Overview and zERT Network Analyzer”, Ed Seidl, IBM

---

Handouts for Wednesday 17 May 2023

• “Key Rotation – Who? What? When? Where? Why? (But not necessarily in that order)“, Greg Boyd, Mainframe Crypto
•  “RACF Update”, Ross Cooper, IBM
•  “Quantum Safe z”, Bryan Childs, IBM, the Quantum z sage
•  “z Security & Compliance Center”, Julie Bergh, IBM
•  “SMP/E Package Signing”, Kurt Quackenbush, IBM

---

Handouts for the October 22, 2020 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

 

• JSON Web Tokens and RACF RACF Identity Token Support — Ross Cooper of IBM
• Key Rotation Why? Which? When? How? Who? — Greg Boyd of MainframeCrypto
• zOSMF_V2.4 — Julie Bergh of Rocket Software

---

Handouts for the May 12, 2020 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

• RACF for DB2 Control – Beyond the Basics –Dough Behrends of Vanguard Integrity Professionals
• 02 MQ_Security_and_RACF_NYRUG_May2020

---

Handouts for the May 15, 2019 joint NYRUG and Tampa and Raleigh and Dallas RUG Meeting may be found at:

• RACF Monitoring and Reporting how to maximize your SIEM ROI — Bob Hansel of RSH Consulting
• Securing TCPIP Today Before You’re Sorry Tomorrow — Joel Tilton

---

Handouts for the October 4, 2018 joint NYRUG and Tampa and Raleigh RUG Meeting may be found at:

• Converting_RACF_Name_and_Range_Table_to_Parmlib.pdf — Adam Klinger
• MFA (Multi-Factor-Authentication) Viewed from the Mainframe Myths: Lessons Learned — Jim Porell, Rocket Software
• Activating FSEXEC — Joel Tilton

---

Handouts for the May 9, 2018 NYRUG and Tampa Bay RUG Meetings may be found at:

• Securing Your Job With JESJOBS — Joel Tilton
• Change is Coming GDPR; NYCRR 500; PCI (Three regulatory changes that will affect our job) — Scott Brod of Bank Hapoalim for Vanguard Integrity Professionals

---

Handouts for the November 14, 2017 NYRUG and Tampa Bay RUG Meetings may be found at:

• Practical Implementation of IBM MQ on z/OS — Tony Nix of Vanguard Integrity Professionals

---

Handouts for the March 15, 2017 NYRUG and Tampa Bay RUG Meetings may be found at:

(to be provided here as they are made available)

• How Internal Control Translates Into RACF — David Hayes

---

Handouts for the October 19, 2016 NYRUG and Tampa Bay RUG Meetings may be found at:

• Shared Operations Model Across System z and What It Means for Other Systems — Jim Porell of James Porell Consulting, LLC
• The Evolution of RACF Passwords — Jim McNeill of Vanguard Professional Services
• Experiences with Two Factor authentication on z/OS — Simon Dodge of Wells Fargo

---

Handouts for the April 20, 2016 NYRUG and Tampa Bay RUG Meetings may be found at:

• KDFAES Walkabout (Enhanced Version) — Joel Tilton
• Using SERVAUTH NETACCESS to Restrict Inbound IP Traffic — Aron Eisenpress of City University of New York
• High Expectations – Our Systems are like Airplanes — David Hayes of GAO and Mark Nelson of IBM
• The State of System Controls — David Hayes of GAO

---

Handouts for the November 20, 2015 NYRUG and Tampa Bay RUG Meetings may be found at:

• Using NETACCESS to restrict outside access via TCP/IP (more detail coming at Spring 2016 meeting) — Aron Eisenpress
• Top Five Assessment Findings — Brian Marshall of Vanguard Integrity Professionals
• How_Well_Is_Monitoring_Working — David Hayes of GAO

---

Handouts for the April 16, 2015 NYRUG and Tampa Bay RUG Meetings may be found at:

• RACF and TSO — Bob Hansel of RSH Consulting
• Taking The Sword Out Of Password — Bruce Wells of IBM
• My Adventures with TCP/IP Port Access Security and RACF on z/OS — Joel Tilton
• What’s Cool About the CONNECT Command — Stu Henderson of the Henderson Group

---

Handouts for the November 25, 2014 NYRUG and Tampa Bay RUG Meetings may be found at:

• My Adventures with TCP/IP Port Security and RACF on z/OS — Joel Tilton
• Securing JES Resource Classes — Jim McNeill of Vanguard Integrity Professionals
• RACF Update — Mark Nelson of IBM
• Targeting Audit Attention Strategies for Assessing Risk: Learning from Experience — Stu Henderson and David Hayes

---

Handouts for the April 23, 2014 NYRUG and Tampa Bay RUG Meetings may be found at:

• An Auditor’s Current View on Risk and and Audit Strategy — David Hayes of GAO
• The Mainframe Is Not Dead Call the Doctor Not the Undertaker — Charles Mills of Correlog
• Migrating DB2 Security to RACF — Doug Behrends of Vanguard Integrity Professionals
• Tutorial: Lessons From a Real Mainframe Break-In Over the Internet — Stu Henderson of the Henderson Group

---

Handouts for the October 15, 2013 NYRUG and Tampa Bay RUG Meetings may be found at:

• Implementing SERVAUTH CLass Profiles — Jim McNeill of Vanguard Integrity Professionals
• z/OS 2.1 Security Updates — Julie Bergh of IBM

---

Handouts for the March 12, 2013 NYRUG and Tampa Bay RUG Meetings may be found at:

• Beyond Best Practices: The DISA STIGs — Jim McNeill of Vanguard Integrity Professionals
• TUTORIAL: PROTECTING EVERY PATH INTO YOUR SYSTEM WITH RACF — Stu Henderson
• My adventures in PCI: FTP, TLS, and SMF — Joel Tilton

---

Handouts for the October 23, 2012 NYRUG and Tampa Bay RUG Meetings may be found at:

• Practical Tips for z/OS Vulnerability Scanning — Ray Overby of Key Resource, Inc.
• Tutorial: RACF Dataset Protection — Stu Henderson

---

Handouts for the March 27, 2012 NYRUG and Tampa Bay RUG Meetings may be found at:

• Review of RACF SETROPTS – a tutorial — Stu Henderson
• How to Break Into z/OS Systems — Stu Henderson

---

Handouts for the November 1, 2011 NYRUG and Tampa Bay RUG Meetings may be found at:

• Identity Propagation – Distributed Platforms to z/OS — Simon Dodge

---

Handouts for the October 26, 2010 NYRUG and Tampa Bay RUG Meetings may be found at:

—Handouts Not From IBM:—

• Custom Fields Forever – Hayim Sokolsky
• Is Your zOS System Secure – Ray Overby
• Clear Explanation of Digital Certificates – Stu Henderson

---

Further info will be found in the next issue of the RACF USER NEWS