DoD releases new z/OS STIG and Product STIGs as used by DoD.

•DoD z/OS STIG Version 8.1 and 8.2 – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_zOS_Y21M01_STIG.zip

•DoD z/OS Products – CA ACF2 Managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_ACF2_V6R48_Products.zip

•DoD z/OS Products – CA TSS managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_TSS_V6R48_Products.zip

•DoD z/OS Products – IBM RACF managed Mainframes – https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_zOS_RACF_V6R48_Products.zip

z/OS Vendor Top Secret (TSS) STIG for z/OS

Broadcom has started to publish their own Vendor Product STIG – TSS for z/OS, how to properly utilize TSS to secure the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.

The Broadcom Vendor TSS STIG for z/OS can be found at: https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-top-secret-for-z-os/16-0/using-stig-articles.html

z/OS Vendor ACF2 STIG for z/OS

Broadcom has started to publish their own Vendor Product STIG – ACF2 for z/OS, how to properly utilize ACF2 to secure the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.

The Broadcom Vendor ACF2 STIG for z/OS can be found at: https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/using-stig-articles.html

z/OS Vendor Security Technical Implementation Guides (STIG)

What are Vendor STIGs ? Vendor STIGs are Security Technical Implementation Guides written by the Subject Mater Experts of specific products that run on z/OS Mainframes.

What are “STIGs” ? STIG is an common industry acronym for Security Technical Implementation Guides. STIGs are robust documentation written for products, ensuring products that installed are fully and properly secured with risks and exposures are minimized while allowing users the ability to utilize the product.

As Vendors develop STIGs for their products, we will be posting links here directly to those STIGs or Posting the STIGs for the products within this site.