In today's ever-evolving threat landscape, any siloed systems or data leave organizations vulnerable. This is especially true when mission-critical systems like IBM i and IBM Z mainframes are not included in your security planning. Valuable security data from these systems often remains isolated, hindering your ability to detect and respond to threats effectively.
Ironstream bridges this gap for IBM systems by integrating the important security data from these mission-critical systems into Google Chronicle, where it can be seen, analyzed and correlated with the data from other enterprise systems. Here's what you'll learn:
• The unique challenges of securing IBM i and Z mainframes
• Why traditional security tools fall short for mainframe data
• The power of Google Chronicle for unified security intelligence
• How to gain comprehensive visibility into your entire IT ecosystem
• Real-world use cases for integrating IBM i and Z security data with Google Chronicle
Join us for this webcast to hear about:
• The unique challenges of securing IBM i and IBM Z systems
• Real-world use cases for integrating IBM i and IBM Z security data with Google Chronicle
• Combining Ironstream and Google Chronicle to deliver faster threat detection, investigation, and response times
Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
1. Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Bill Hammond | Director, Product Marketing
Ian Hartley | Senior Director, Product Management
2. Today’s Topic
• Threat landscape evolving
• Unique challenges of IBM Z and IBM Power Systems
• Security visibility with Google Chronicle
• Q&A
4. Security Landscape
Business impacts
• Business-Driven Security: No longer a siloed IT concern. It's a critical business service and security teams are measured on how well they protect business outcomes
• Multi-Factor Authentication: Not just for financial institutions... Expect to see more biometric authentication methods alongside traditional passwords and codes
• Boardroom Focus: Rising costs of data breaches driving boards to demand more strategic approaches to risk management
• Cloud Integration: Expect continued focus on tighter integration between z/OS security and IBM's cloud security offerings. This would allow for a more holistic view of security posture across hybrid environments.
5. Security Landscape
Marketplace drivers
• Artificial Intelligence: Double-edged sword – AI can assist both security professionals and the bad actors developing new threats
• Product Consolidation: Individual security point products being combined into broader platforms that offer a more holistic approach
• Regulations Driving Change: New regulations are mandating a stronger security posture, forcing organizations to invest in expertise and improve their overall cyber resilience
• Quantum-Safe Cryptography: Current encryption solutions will become vulnerable with the broader usage of quantum computing solutions.
7. IBM i security challenges
• Perception of Impregnability: A false sense of security can exist due to the platform's strong foundation. Organizations may neglect essential security practices like regular updates, user access controls, and penetration testing.
• Integration Challenges: IBM i environments often integrate with newer, more open systems. These connections can introduce vulnerabilities if security isn't carefully managed across all platforms.
• Skilled Staff Shortage: Finding IT security professionals with specific IBM i expertise can be difficult. This can make it challenging to maintain a strong security posture and keep up with the latest threats.
• Evolving Attack Landscape: Cybercriminals are constantly developing new methods to exploit vulnerabilities. While IBM i is inherently secure, attackers may target weaknesses in custom applications, open-source integrations, or user errors.
• Keeping Up with Updates: Balancing the need for stability with the importance of applying security patches can be a challenge. Downtime for updates can disrupt critical business operations.
8. IBM Z security challenges
• Complexity of the Platform: This complexity can make it difficult to configure security settings correctly and maintain a strong overall security posture. An intricate web of access controls, encryption options, and security profiles needs to be meticulously managed.
• Skilled Staff Shortage: z/OS environments run mission-critical legacy applications. Finding security professionals with deep expertise in z/OS security can be challenging.
• Insider Threats: Given the high level of access granted to authorized users on z/OS systems, insider threats pose a significant risk. Rigorous access controls, continuous monitoring, and user activity audits are crucial.
• Integration with Open Systems: The increasing integration of z/OS with open systems and cloud environments introduces new attack vectors. Ensuring consistent and robust security across these disparate platforms requires careful planning and configuration.
• Evolving Regulatory Landscape: Data privacy regulations are constantly evolving, placing additional pressure on organizations to secure sensitive data residing on z/OS systems.
9. Visibility
• The foundation for effective security monitoring
• See what's happening in your systems, identify potential threats, and take timely action to protect your valuable data and resources
• Without visibility, you're essentially operating in the dark, making it difficult to identify and respond to security threats
10. Benefits of effective security visibility
What's Normal?
• Good visibility allows you to establish a baseline for typical activity within your network.
• This includes user behavior, data flow, and application usage.
• Deviations from this baseline can indicate suspicious activity or potential threats
Threat Identification
• Detect unusual events like unauthorized access attempts, malware infections, or data breaches.
• Security tools can then analyze this data to identify and prioritize potential threats
Faster Response
• When a security incident occurs, good visibility allows you to pinpoint the source and scope of the problem quickly.
• This enables a faster and more effective response, minimizing damage and downtime
Threat Hunting
• Security teams can proactively hunt for threats by analyzing network traffic and user activity for suspicious patterns.
• Visibility across different systems allows for a more comprehensive search and helps uncover hidden threats
Better Decisions
• Security decisions are only as good as the information they're based on.
• Clear visibility provides the data and context needed to make informed choices about security investments, resource allocation, and overall security posture.
13. “Chronicle” … “Security Operations”
• Google is transitioning “Chronicle” to “Security Operations”
• Ironstream for Google Security Operations
Source: Images - https://cloud.google.com/security
14. Ironstream integrates IBM Z and IBM i into today’s IT operations and security solutions
[Diagram labels: IBM Platforms (IBM Z, IBM i), Ironstream®, Target Platforms]
15. Ironstream: For Today and Tomorrow
[Diagram labels: Source, Target, 2024]
• e.g. IBM i to QRadar
Data Pipelines
• Simple set-up and control
• Optional mid-stream “processes”
• Easily switch or add sources and targets
16. Ironstream for Google Security Operations
[Diagram labels: IBM i, IBM Z, Ironstream, Agent, Hub]
Source: https://cloud.google.com/chronicle/docs/data-ingestion-flow
Parsers
• Default parsers: IBM AS/400, IBM i Operating System, IBM z/OS
• Typically need “custom” requirements
• Logstash Grok-based
• Relatively straightforward
• Precisely looking into improvements
18. Security Operations in Action with IBM i and Z
• Easily create dashboards
• Use out-of-the-box dashboards
19. Why care? Why use Google SecOps?
“Cover all your bases”
• Extended, augmented visibility
“Hoarding is rewarding”
• Storing comprehensive data, longer
“Automation station”
• Agility – fast response is key
Source: Google Cloud – The Security Operations Ecosystem
Ironstream for IBM Z and IBM i
22. Changing Landscape
• Business-Driven Security: Security is no longer a siloed IT concern. It's a critical business enabler, and security teams are being measured on how well they protect business outcomes
• Multi-Factor Authentication (MFA) is becoming essential for all accounts and data, not just financial institutions. Expect to see more biometric authentication methods alongside traditional passwords and codes.
• Boardroom Focus: Cybersecurity is no longer just an IT concern. With rising costs of data breaches, boards of directors are demanding a more strategic approach to risk management and third-party security assessments
• Integration with Cloud Security Solutions: Expect continued focus on tighter integration between z/OS security and IBM's cloud security offerings. This would allow for a more holistic view of security posture across hybrid environments.
• Double-edged sword of AI
• Platform Consolidation: The market is seeing a consolidation of individual security point products into broader platforms that offer a more holistic approach
• Regulations Driving Change: New regulations are mandating a stronger security posture, forcing organizations to invest in expertise and improve their overall cyber resilience.
• Quantum-Safe Cryptography Roadmap: With the growing threat of quantum computing, IBM may announce updates to its roadmap for incorporating quantum-safe cryptography into its mainframe security solutions.
52. Auditing database activity to achieve compliance
“It easily met all of our requirements (and exceeded them), was simple for us to install using both local and international support, and the implementation was completed within the scheduled timeframe”.
Sam Bonanno, Infrastructure Production Manager
OBJECTIVE
• Heinz Wattie’s Australia is a subsidiary of the multi-national H.J. Heinz Company
• The company is extensively audited for SOX compliance
• Heinz Wattie’s needed to audit all changes to their mission-critical data
CHALLENGES
• Wanted easy implementation without application modifications that could scale without performance impact
• Required coverage of all IBM i journal entries, including user-defined entries, and the ability to produce accurate, readable periodic or ad-hoc reports and alerts
SOLUTION
• Assure Monitoring and Reporting
BENEFIT
• Quick implementation, using primarily in-house resources, met their deadline
• Able to generate all the reports they need to meet their internal needs and compliance requirements – developing more over time
• Scales to the needs of their environment and journal handling is compatible with their HA software
Overview
Title: [AMER] Unlocking the Power of Your IBM i and Z Security Data with Google Chronicle
Date: Wednesday, May 15, 2024
Time: 11:00 AM Eastern Daylight Time
Duration: 1 hour
Thanks Bill.
In this section... we're going to talk about getting better visibility with Google Chronicle and bringing the IBM platforms into this context.
But first… We need to address something.
Google is in the process of changing the name of Chronicle.
We know this because we're actually working with Google on bringing IBM i and mainframe into their security product.
Google is transitioning to have everything under the "Google Cloud" banner.
And their security offerings are coming into this context.
So… Chronicle is becoming "Security Operations" as part of their wider platform strategy.
It was just a little unfortunate that we named and advertised this session before we became aware of the name change.
But that does not matter… Because we have already applied the name change to what we are doing... so of course we now have… Ironstream for Google Security Operations.
So, what is Ironstream for Google Security Operations?
Well, let's answer another question first… what is Ironstream?
Ironstream allows you to connect your IBM platforms to today's modern IT operations and security products.
It delivers log and machine data to the tools you use to keep your IT environments healthy, performant and secure.
Ironstream makes it really easy to connect and deliver data into one or more tools that organizations use today.
***click***
And… of course… The product we're talking about today is... Google Security Operations.
And we do this integration with a component called the Ironstream Hub.
This is a browser-based user interface… That allows easy set up and configuration.
For example: select your source as mainframe or IBM i… And a target such as QRadar… complete a few connectivity options… And that's it.
Start the pipeline… And data will flow.
Of course, you can do more than that… Such as controlling exactly what is delivered to your chosen target. You do not have to send everything; you can be very specific about sending just the data you need to answer your specific use cases.
And going further… You can have more than one source and more than one target. This allows you to reuse data pipelines… As well as send data to multiple targets for different use cases.
And this underlines what we're seeing in the market today...where customers are using more than one tool as well as potentially changing tools as their needs evolve.
So… What are we doing in the context of Google Security Operations?
Well...of course, we're using the Ironstream Hub to deliver the information.
This is a diagram from the Google documentation that shows the flow for getting data into the security operations platform.
***click***
So, on the left, we have the security logs, which in this case are mainframe and IBM i flavored.
***click***
***click***
And these are picked up by a data forwarding service… which, of course, is Ironstream.
***click***
***click***
And today the information is delivered into the SecOps platform as raw log data.
***click***
***click***
And it is here, that the data is parsed and normalized so the platform can understand what it contains and the actions that need to be taken.
***click***
So… How does Ironstream help? We use a small, lightweight agent on the source IBM platform to efficiently capture the security data.
***click***
Transport this information to the hub.
***click***
And into the security operations environment.
***click***
Now, I do want to call out one particular aspect of this integration… Which concerns the parsers.
There are default parsers in the security operations platform… But our customer feedback tells us that they're not really fit for purpose.
They do work… But making them work in your context may not be exactly what they deliver. Because generally security takes a lot of work mapping out levels of criticality and identifying things that are perhaps unique to your environment.
That said… It is generally quite easy to capture what you need by leveraging the power of logstash-type processing built into the operations ingest process.
And behind all this, the team here at Precisely is looking into how we can improve the parsers... to help us… And to help you.
But all that said… Getting the data into Google Security Operations is really easy with Ironstream.
And here is some output to prove that point.
As we bring the data into the platform, we are mapping to the meta-data fields, and this makes searching very simple.
***click***
As an example… this shows results from looking for Ironstream mainframe logs and activities that have been blocked.
***click***
And equally… IBM i is just as simple to integrate.
Here we have message queue information that has been brought in as "syslog key/value" format data.
And...going further… Once you've got the information in there… You can start creating dashboards.
As an example, here's a simple bar chart showing a split between AS/400 and mainframe logs from a small set of sample data.
This is super easy to set up using the inbuilt tooling available from Google.
***click***
And of course… Because the data is going into the universal data model… The out of the box dashboards can work too.
Here again, we see a very simple bar chart... of mainframe and IBM i... with events over time appearing on one of the built-in dashboards.
OK... Why should you care about doing something like this and why should you even think about using Google security operations?
Well… The highlighted phrases and the diagram shown here are from Google materials about their security operations platform.
Google says you need to cover all your bases. This means you must extend your visibility to include all your IT infrastructure. As Bill said earlier, without good, broad visibility you are running with blind spots... and that is a dangerous position to be in.
And you need access to data in order to detect anomalies and situations that are...by design...supposed to be stealthy and go literally under the radar. So, the Google solution allows you to store a lot of information so you can use that tooling to get better insights from your data.
But...even when you have ALL that information and you DO detect something… You need to be agile enough to be able to react quickly. Failure to detect and respond as quickly as possible could be fatal to your business.
So, it's the bringing together of all these different IT infrastructure components and platforms into a comprehensive view where you can find anomalies and situations in the growing mountain of information you have to deal with on a daily basis. Doing this and leveraging the power of Google is a smart move.
***click***
And of course, Ironstream brings the IBM platforms into this context.