Mainframe Penetration Testing

Finding mainframe security experts is a challenge. As a result, mainframes are often passed over during security reviews, which increases the security risk to your business-critical infrastructure. NetSPI’s mainframe pentesting is led by one of the most qualified mainframe security experts who brings valuable insight into your LPAR security, providing actionable guidance on how to improve your mainframe security and help meet compliance requirements.

Improve IBM z/OS Mainframe System Security

While z/OS mainframe deployments are far more secure than other platforms, they still suffer from critical software and configuration vulnerabilities. Often, these vulnerabilities can be exploited via a simple REXX Exec, which presents significant risks to your company.

NetSPI’s mainframe security experts use a proven approach to mainframe penetration testing on IBM z/OS systems to identify security vulnerabilities that exist within your mainframe.

Mainframe Penetration Testing Service

Our testing approach is based on NIST 800-53 special publication, PCI DSS, IBM recommendations, the MITRE ATT&CK framework, and other industry best practices. Our mainframe penetration testing experts offer four types of testing:

Blackbox (Unauthenticated) Testing

  • Network service discovery
  • Vulnerability discovery and verification
  • VTAM/SNA discovery
  • Logical unit enumeration
  • Application ID discovery
  • TN3270 application testing
  • Web application testing
  • Password auditing
  • Network job entry

Presumed Breach (Authenticated) Testing

  • Automated vulnerability discovery
  • RACF/TopSecret/ACF2 testing
  • Vulnerability verification and exploitation
  • Offline password auditing
  • APF authorization privilege escalation
  • TSO, JES2, and UNIX System Services testing
  • SVC privilege escalation

CICS Application Testing

  • Tests common application vulnerabilities
  • CICS transaction review/testing/exploitation
  • AID testing
  • BMS testing
  • CICS web application testing
  • CICS API testing

CICS Region Testing

  • Check for common CICS region misconfiguration
  • Enumerate/Brute force transaction IDs
  • Test access to critical transactions
  • Password auditing

Why Do I Need Mainframe Penetration Testing?

Mainframes run your critical workloads and rely on integrity and high availability to help your business run. Due to their complicated nature and organic growth over decades vulnerabilities may exist in your mainframe environment.

Mainframe security vulnerabilities can lead to external or internal breaches of the existing security controls. Once breached, there is high risk of compromising the confidentiality, integrity, and availability of the mainframe’s systems or data.

IBM states that the detection of mainframe vulnerabilities is the responsibility of the client, according to the standard terms and conditions of IBM’s mainframe warranty. In addition, PCI DSS, Sarbanes Oxley, and ISO standards stipulate that penetration testing needs to be performed regularly.

Discover why security operations teams choose NetSPI.