BMC Delivers Automated Detection and Response for Mainframe Security Operations


BMC, a global leader in IT solutions for the Autonomous Digital Enterprise, today announced new capabilities for the BMC AMI Security solution to automatically protect, detect, and respond to threats on the mainframe. BMC AMI Security shares mainframe security events with enterprise security information and event management (SIEM) systems in real time, providing actionable insights for incident responders.

Autonomous Digital Enterprises today amass and use data from across the enterprise, including the mainframe, for optimal operations and a transcendent customer experience. The mainframe is very securable, but zero-day threats, configuration weaknesses, and modern threats like ransomware present risks to the sensitive data that live on mainframes.

Securing the mainframe requires skills that are in short supply. So, BMC AMI Security comes with years of experience with intelligence and automated security processes built in to defend mainframes and surface findings that are actionable for incident responders, making both security and operations teams more efficient.


With the BMC AMI Security solution, organisations can:

  • Automatically halt suspicious and known malicious actions: Automated protection, detection, and response to mainframe security events stops threats before systems are compromised, provides visibility into attack methods, and reduces mean time to repair (MTTR). Behavioural analytics operate in real time and trigger alerts for Indicators of Compromise (IOCs) on the mainframe.

  • Close the window of opportunity for attackers to go undetected: Integrations with leading SIEMs give security teams visibility of actions occurring on the mainframe in real time, with a timeline of actions to quickly investigate threat events.

  • Secure critical data, uncover risks, and continuously harden the mainframe: One of the largest sets of IOCs based on attack behaviours is provided out of the box for faster investigations. Security practitioners can see all actions occurring on the mainframe to continuously monitor databases for suspicious activity.

  • Adhere to compliance demands with alerts, audits, and real-time visibility: Out-of-the-box reports, real-time alerts, and audit trails for production systems seamlessly work with all major SIEMs to help achieve key HIPAA, PCI DSS, and GDPR compliance mandates in minutes.

  • Simplify administration and operations: Automated password management improves the efficiency of users and the service desk. A graphical user interface simplifies basic management tasks, and auditable emergency access allows faster performance of essential services.


Enterprises are realising the value of moving from Endpoint Detection and Response (EDR) to Extended Detection and Response (XDR) tools. Data correlation and centralisation, in particular, help to surface data relevant to detection.

“Centralisation and normalisation of data also helps improve detection by combining softer signals from more components to detect events that might otherwise be ignored,” according to Gartner.*

“As an enterprise system storing some of an organisation’s most sensitive data, the mainframe is a target for attackers. If not properly secured, the mainframe can be compromised in minutes,” said John McKenny, Senior Vice President of ZSolutions Strategy and Innovation at BMC. “BMC AMI Security is the virtual, always-on security expert for the mainframe that enterprises need. Its ability to adapt to threats and help enterprises include the mainframe into their XDR strategy solves a potentially large gap in protecting sensitive data within every Autonomous Digital Enterprise.”

BMC Automated Mainframe Intelligence (AMI) helps businesses automatically manage, diagnose, heal, and optimise the mainframe. Built for intelligent automation, BMC AMI makes the mainframe smarter using artificial intelligence (AI), machine learning, predictive analytics, correlation, and pattern analysis. These capabilities align with customers’ evolving needs and embrace intelligent, tech-enabled systems across every facet of the business. Enhancements to database, performance, and optimisation solutions are also planned.

Innovation is being delivered throughout the BMC portfolio with security and usability enhancements now available for the MainView Systems management products in our July quarterly release. The MainView products now include more data, metrics, and real-time visibility than ever before. Compuware, a BMC company, also recently announced mainframe DevOps integrations that enable test data setup to be directly embedded into automated testing, further ensuring test data consistency, accuracy, and security for Autonomous Digital Enterprises.


*Smarter With Gartner, Gartner Top 9 Security and Risk Trends for 2020, June 22, 2020,