AE5 - Securing Crypto on Z - This will be a series of six eBooks written by Greg Boyd from mainframecrypto. These eBooks will be made available throughout the coming months. Volumes 1 and 2 are available as of December 15, 2020.
AE4 - Are your PORTs safe? How do you know? This eBook looks at the configuration control elements in and around these TCP/IP and UDP elements:
PROFILE, DATA, RESOLVER, TELNET, FTP, SMTP, and PAGENT.
AE3 - Securing z/OSMF - The security set-up of z/OSMF is an integral part of its overall installation and configuration. To secure it properly can only be accomplished by Systems Programmers working in close conjunction with Security Administrators on a z/OS system that is already secured by Systems Administrations Best Practices. This book is a distillation of the essential security portions of the z/OSMF configuration and programming documentation available from IBM, which cannot, and should not, be ignored.
AE2 - Learn about the configuration settings for each of the primary external security managers, how they were originally set, and how the authors of these eBooks have attempted to capture what they should be currently set to, with both the why and why not.
AE2 - zAuditing Essentials - Volume 2 - Taming RACF - SETROPTS AE2 - zAuditing Essentials - Volume 2 - Mastering CA ACF2 - GSO AE2 - zAuditing Essentials - Volume 2 - Controlling CA Top Secret
AE1 - The IODF is the central configuration file for z Systems. Settings outlined.
AE1 - zAuditing Essentials - Volume 1- zEnterprise Hardware
V2R4 - What's New in z/OS V2R4 These are "Cliff's Notes" type eBooks V2R3 - What's New in z/OS V2R3 detailing what's coming in the V2R2 - What's New in z/OS V2R2 latest releases of z/OS. V2R1 - What's New in z/OS V2R1
CICS - This eBook provides a wealth of information about CICS, its operations and its resources and capabilities along with guidelines and recommendations.
CICS Essentials - Auditing CICS - A Beginner's Guide
CICS has its own security but does not cover many internal policies or legal compliance requirements. Recommendations are provided.
CICS security is quite complex with many layers and facets. Learn the sophisticated way CICS exploits SAF Classes.
ESM - Comprehensive visualization of all available symbols used to define ESM passwords. RACF is complete; CA ACF2 and CA Top Secret - coming soon.
SYM - The Visualization of Symbols Used to Define the format of RACF Passwords
"I wanted to let you know that this is an extremely helpful and well written publication. The layout and references to the STIG, Vendor recommendations or 'White Hat' advice are very good."
"Today, I had the opportunity to use the information in that publication during a conference call with some auditors. Without knowing the details of what we were going to be discussing, this proved to be extremely valuable when going through several of our ESM control option settings. This eBook saved us hours of time, since we had most of the information they were looking for at our finger tips."
-- Senior Systems Software Engineer