NIST SP 800-207 - What's New in Zero Trust Architecture is an August 2020 publication outlining best practices for Zero Trust.
AE5 - Securing Crypto on Z - This will be a series of six eBooks written by Greg Boyd from mainframecrypto. These eBooks will be made available throughout the coming months. Volumes 1 and 2 are available as of December 15, 2020. Volume 3 is available for download as of March 4, 2021.
AE4 - Are your PORTs safe? How do you know? This eBook looks at the configuration control elements in and around these TCP/IP and UDP elements:
PROFILE, DATA, RESOLVER, TELNET, FTP, SMTP, and PAGENT.
AE3 - Securing z/OSMF - The security set-up of z/OSMF is an integral part of its overall installation and configuration. To secure it properly can only be accomplished by Systems Programmers working in close conjunction with Security Administrators on a z/OS system that is already secured by Systems Administrations Best Practices. This book is a distillation of the essential security portions of the z/OSMF configuration and programming documentation available from IBM, which cannot, and should not, be ignored.
AE2 - Learn about the configuration settings for each of the primary external security managers, how they were originally set, and how the authors of these eBooks have attempted to capture what they should be currently set to, with both the why and why not.
AE2 - zAuditing Essentials - Volume 2 - Taming RACF - SETROPTS AE2 - zAuditing Essentials - Volume 2 - Mastering CA ACF2 - GSO AE2 - zAuditing Essentials - Volume 2 - Controlling CA Top Secret
AE1 - The IODF is the central configuration file for z Systems. Settings outlined.
AE1 - zAuditing Essentials - Volume 1- zEnterprise Hardware
V2R4 - What's New in z/OS V2R4 These are "Cliff's Notes" type eBooks V2R3 - What's New in z/OS V2R3 detailing what's coming in the V2R2 - What's New in z/OS V2R2 latest releases of z/OS. V2R1 - What's New in z/OS V2R1
CICS - This eBook provides a wealth of information about CICS, its operations and its resources and capabilities along with guidelines and recommendations.
CICS Essentials - Auditing CICS - A Beginner's Guide
CICS has its own security but does not cover many internal policies or legal compliance requirements. Recommendations are provided.
CICS security is quite complex with many layers and facets. Learn the sophisticated way CICS exploits SAF Classes.
ESM - Comprehensive visualization of all available symbols used to define ESM passwords. RACF is complete; CA ACF2 and CA Top Secret - coming soon.
SYM - The Visualization of Symbols Used to Define the format of RACF Passwords
eBooks published by The z Exchange and NewEra Software are made available to all at no charge. Downloading some eBooks, such as the Securing Crypto on Z series of six eBooks, require you to provide contact information so we can use it to alert you to the next volume's availability. We do not use your contact information for any other purpose.