•DoD z/OS STIG Version 8.1 and 8.2 – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_zOS_Y21M01_STIG.zip
•DoD z/OS Products – CA ACF2 Managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_ACF2_V6R48_Products.zip
•DoD z/OS Products – CA TSS managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_TSS_V6R48_Products.zip
•DoD z/OS Products – IBM RACF managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_RACF_V6R48_Products.zip
Broadcom has started to publish their own Vendor Product STIG – TSS for z/OS, how to properly utilize TSS to secure the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.
The Broadcom Vendor TSS STIG for z/OS can be found at: https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-top-secret-for-z-os/16-0/using-stig-articles.html
Broadcom has started to publish their own Vendor Product STIG – ACF2 for z/OS, how to properly utilize ACF2 to secure the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.
The Broadcom Vendor ACF2 STIG for z/OS can be found at: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/using-stig-articles.html
The source of these documents is https://public.cyber.mil/. These are provided as convenience in case your site has .MIL blocked or otherwise you are unable to access that website to download.
What are Vendor STIGs ? Vendor STIGs are Security Technical Implementation Guides written by the Subject Mater Experts of specific products that run on z/OS Mainframes.
What are “STIGs” ? STIG is an common industry acronym for Security Technical Implementation Guides. STIGs are robust documentation written for products, ensuring products that installed are fully and properly secured with risks and exposures are minimized while allowing users the ability to utilize the product.
As Vendors develop STIGs for their products, we will be posting links here directly to those STIGs or Posting the STIGs for the products within this site.