Raz-Lee Security

Automatic and Effortless Auditing of Program and File Changes on IBM i

admin — Thu, 03 May 2012 09:23:50 +0000

Raz-Lee Security announced today the release of its latest product, Change Tracker, which enables IBM i (AS/400) companies to automatically and comprehensively trace software modifications at both the source and object levels.

With the increasing awareness and adherence to industry-wide regulations such as SOX, HIPAA, PCI, auditing and traceability – especially within production libraries – have become issues of major importance. Change Tracker is dedicated to automatically monitoring and logging object changes at both the source and object levels. Since Change Tracker relies solely on the actual updates within a library, no manual intervention is required.

Based on the QAUDJRN system journal, Change Tracker provides a robust and comprehensive solution that cannot be bypassed. Working in real-time, it can automatically record every revision and collect all information relevant to the modifications made, including object attributes, source code, changes to file structures and more!

Click here to read all the details

Raz-Lee Security Joins HP AllianceONE Partner Program

admin — Sun, 29 Apr 2012 13:34:43 +0000

SNMP-Based Real-Time Alerts Help Customers Using HP Operations Manager Software

Raz-Lee Security announced today that it has joined the HP AllianceONE partner program. Today, the company provides SNMP-based real time alerts to customers using HP Operations Manager software, providing full forensic auditing capabilities.

Click here to read the all the details.

IBM i Native, Agent-less, SQL Access to Oracle, MS SQL, MySQL and other DBs

admin — Thu, 29 Mar 2012 12:41:51 +0000

Raz-Lee Security’s DB-Gate also enables SQL queries to Excel, CSV and other data sources without middleware

Raz-Lee Security announced today the release of a unique database access product, DB-Gate, which enables IBM i (AS/400) users to connect to virtually any type of remote database or data source without any middleware (software or hardware). This patent-pending technology utilizes standard SQL statements and works from all native SQL commands and programming languages.

Click here to read the all the details.

Raz-Lee Security is now offering a time-limited trial of DB-Gate.

In addition, the company will be hosting 3 live webinars to demo the product at 10AM EST on Thursday April 5^thand Wednesdays April 11^th and 18^th.
E-mail us to reserve your spot at any of the webinars.

iSecurity Interfaces with Splunk

admin — Wed, 22 Feb 2012 08:10:40 +0000

Raz-Lee has recently finalized a new interface between iSecurity and Splunk’s log, monitoring and reporting tool (www.splunk.com).

The Splunk interface is in addition to the real-time Syslog alert integrations already completed with other leading SIEM products, such as IBM’s Tivoli, RSA enVision, Q1Labs and GFI Solutions – as well as successful tests done with ArcSight, HPOpenView and CA UniCenter.

For more details on Raz-Lee’s SIEM partnerships, visit:
http://www.razlee.com/company/siem_partnership.php razlee.com

Raz-Lee’s Successful AP-Journal Product Expanded with New, Unique Features

admin — Wed, 25 Jan 2012 12:44:37 +0000

Industry-unique support for Data Areas and IFS are no-cost additions to the DB2 audit trail product, AP-Journal.

First and foremost, AP-Journal supports sending “mass mode” real-time Syslog alerts regarding application field-level data changes to SIEM products, for example IBM/Tivoli, RSA enVision, IBM/Q1Labs, ArcSight, GFI, etc. This support sends only Syslog messages without any additional processing and has been measured to transfer up to 2000 transactions per second to SIEM products while using less than 1% CPU.

Click here for full details on the other additions

Raz-Lee Contributes FREE Anti-Virus Solution to AS/400 Community

admin — Mon, 16 Jan 2012 08:31:31 +0000

Raz-Lee Security is offering the worldwide AS/400 community its recently-released 2012 Anti-Virus product for FREE with a permanent license.

iSecurity Anti-Virus is an AS/400-specific product that keeps the system clean of viruses, Trojan horses and malicious code. Anti-Virus incorporates the ClamAV open source anti-virus engine and is engineered to provide full protection to the server, its file contents and resident or dedicated software.

Click here for details on the offer and download instructions

iSecurity Now Supports QSH and PASE Logging, Reporting & Alerting

admin — Tue, 13 Dec 2011 07:09:46 +0000

OS/400′s inability to log QSHELL activity left an opening in the overall IBM i auditing process and imposed a serious security risk to an organization. This lack of functionality has become significantly more serious with the ever-increasing use of this environment in IBM i shops. In response, Raz-Lee has developed the unique ability to log QSHELL for QSH and PASE in the IBM i.

Until now, people using native OS/400 could log standard OS/400 commands, but there was no way to log QSHELL commands. Now, companies using iSecurity Audit can run commands – entered during an interactive session as well as when entered as parameters in the QSH and STRQSH commands – that are part of the QSHELL environment to delete and write to files, create directories and more.

Click here to read the full details about iSecurity’s added support for QSH and PASE Logging, Reporting & Alerting

iSecurity Approved for IBM Tivoli Netcool/OMNIbus Certification

admin — Tue, 29 Nov 2011 12:01:09 +0000

IBM has certified Raz-Lee’s iSecurity for integration with their Tivoli Netcool/OMNIbus, part of Tivoli’s Security Operations Manager, to consolidate complex IT and network operation management tasks. The integration with Tivoli’s SIEM capabilities will enable it to receive Syslog real-time alerts from iSecurity and to consolidate security event information from other IBM i servers, and indeed from multiple hardware platforms, into its single console environment.

Click here to read the full details about the new IBM Tivoli Certification

Verizon Business Report: Most Organizations Slipping out of PCI Compliance Within One Year

admin — Wed, 05 Oct 2011 07:07:22 +0000

Interesting reading: This report states that out of 100 organizations which were certified as PCI compliant in 2010, 75 are no longer compliant in 2011!

To me this means that software such as Raz-Lee’s Compliance Evaluator needs to be used on an ongoing basis in order ensure compliance over time.

Also interesting are the “basic requirements” of PCI Compliance listed in the report, including many supported by Raz-Lee’s other products; these include using firewalls and antivirus, implementing strong passwords and access control, protecting the database, tracking all activity, etc.

In summation, compliance needs to be an “everyday, ongoing process” and organizations need “continuous adherence” to the standard.

Recommended!

Bank Trader Becomes a Traitor

admin — Thu, 22 Sep 2011 05:01:05 +0000

Insider threats are very real and around us all, especially those working at financial institutions such as banks and insurance companies!

See the full story about the recent loss of $2B at UBS Swiss Bank, caused by one of the bank’s traders, at this link.

Also highly recommended, and very relevant to iSecurity, is the excellent analysis by our business partner, Imperva.