Stream: Security
Time: 10:00 - 10:45
As digital transformation continues to reshape enterprise infrastructure, the mainframe remains a cornerstone of critical business operations—yet it is often overlooked in modern cybersecurity strategies. This presentation highlights the urgent need to bring cyber scenarios and red team exercises into the mainframe domain. We will explore what red teaming and cyber scenarios entail within the context of IBM Z/OS environments, and why they are essential for uncovering systemic weaknesses and ensuring real-world resilience. Attendees will gain insight into attack surfaces unique to mainframes, including z/OS Connect APIs, to CICS, TSO, and DB2. The session will include a brief demo showcasing tools and techniques that simulate real-world threat actor behaviour against these components. These security components should not be 'nice to haves' but essential seen as essential for the enterprise mainframe environment as your ESMs and application penetration tests. This session will reinforce the importance of proactive, adversary-focused testing to secure the system that truly holds the keys to the kingdom.
There is currently no attachment for The Importance of Mainframe Red-Teaming and Cyber Scenarios as part of the Security Stack.
Cyber Threat Intelligence Manager and Cyber Mentor at NatWest Threat Intelligence Manager, Cyber Mentor, Penetration Tester, mainframe enthusiast, and author using my 30+ years of experience to pass on my knowledge as best I can! I've worked in financial services for 20 years and consultancy for the other 10, mostly in Offensive Cyber Security and Technical Risk Management. I started working with mainframes just under three years ago and I find them fascinating as well as vital. I'm currently writing a book for No Starch Press on Mainframe Hacking. I'm lucky enough to be part of the Mainframe Hackers Society.
Click here to give some Feedback so we can make it even better next year!