Standard Cybersecurity Controls for z/OS – Security Technical Implementation Guides (STIG) for z/OS Mainframes
Broadcom has published their own Vendor Product STIG for CA Endevor for z/OS, how to properly secure Endevor using ACF2, RACF or TSS on the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.
The Broadcom Vendor Endevor STIG using ACF2, RACF OR TSS on z/OS can be found at: https://techdocs.broadcom.com/us/en/ca-mainframe-software/devops/ca-endevor-software-change-manager/18-1/using-stig-articles.html
Broadcom has published their own Vendor Product STIG for CA Common Components and Services or CCS for z/OS, how to properly secure CCS using ACF2, RACF or TSS on the z/OS Mainframe. STIG Articles provide documented z/OS Mainframe Security Controls to help you move forward in securing your mainframes.
The Broadcom Vendor CCS STIG using ACF2, RACF OR TSS on z/OS can be found at: https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/ca-common-services-for-z-os/15-0/using-stig-articles.html
What are Vendor STIGs ? Vendor STIGs are Security Technical Implementation Guides written by the Subject Mater Experts of specific products that run on z/OS Mainframes.
What are “STIGs” ? STIG is an common industry acronym for Security Technical Implementation Guides. STIGs are robust documentation written for products, ensuring products that installed are fully and properly secured with risks and exposures are minimized while allowing users the ability to utilize the product.
As Vendors develop STIGs for their products, we will be posting links here directly to those STIGs or Posting the STIGs for the products within this site.