Episode Details:

In this episode of the Hack Responsibly podcast, NetSPI VP of Research Karl Fosaaen connects with Phil Young, NetSPI Director of Mainframe Pentesting. Known in the industry as "Soldier of Fortran," Phil is a leading authority on mainframe security. Together, they dismantle the myth that legacy infrastructure is immune to modern threats and discuss why specialized testing is essential for business continuity.

For many enterprise organizations (particularly in financial services and healthcare), mainframes remain the backbone of daily operations. Yet these critical legacy systems often operate under a false assumption of "security by obscurity." Overlooking the security of these core assets represents a significant, often unaddressed, operational risk.

Key Insights

Modernizing your security strategy requires addressing every layer of your infrastructure, including the oldest components. This episode offers critical takeaways for managing this unique risk:

  • The Reality of Mainframe Vulnerabilities: Understand why mainframes are susceptible to modern attack vectors and how privilege escalation techniques can compromise sensitive data.
  • Addressing the Skills Gap: As the workforce ages, expertise in mainframe security is becoming scarce. Phil discusses the importance of cultivating specialized talent to ensure these systems remain secure against evolving threats.
  • Strategic Defense for Legacy Systems: Learn why standard network penetration testing often misses mainframe vulnerabilities and why specialized scripts and tools are necessary to uncover hidden risks.

About the Speakers

Host: Karl Fosaaen | VP, Research

As VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI's Portland, OR team. Karl holds a Bachelor's degree in Computer Science from the University of Minnesota and has been in the security consulting industry for over 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit (https://github.com/NetSPI/Microburst) to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book "Penetration Testing Azure for Ethical Hackers" with David Okeyode.

Guest: Phil Young | Director of Mainframe Pentesting

Philip Young joined NetSPI in 2023 as Director of Mainframe Penetration Testing, bringing over 15 years of specialized experience from Fortune 500 companies including Visa Inc. and Wells Fargo Inc. Known as "Soldier of FORTRAN" in the cybersecurity community, he has established himself as the world's foremost mainframe security authority through keynote presentations at MISTI, SHARE, Vanguard, and Guide Share Europe, plus speaking engagements at Black Hat, DEF CON, RSA, and other premier conferences. His expertise has been recognized with multiple awards, including "Best Talk" at SHARE conferences twice and "Best Presented Talk" at SEC-T 2013. Philip co-created the world's only mainframe penetration testing course and has significantly advanced the field through his contributions to Nmap and Metasploit, as well as by developing specialized tools such as CATMAP, APFCHECK, and OMVSEnum. He holds Security+, CISSP, and OSCP certifications and continues to bridge the critical gap between traditional mainframe operations and modern cybersecurity practices.

Empower your strategic decisions with these additional resources:

Find more episodes on YouTube or wherever you listen to podcasts.