As a mainframer, it can be comical to watch Hollywood’s portrayal of hackers breaching a mainframe. While these cinematic portrayals can be exaggerated, they are a great reminder of an important truth: mainframes are the backbone of enterprise IT infrastructure, powering the global economy and more than 75% of the world’s business transactions. These systems house invaluable data— financial details, personal identification information, and proprietary business data—making them prime targets for increasingly sophisticated cybercriminals. Once driven by immediate financial gain through theft, these adversaries now frequently resort to ransomware, holding crucial data hostage for hefty ransoms. This evolving threat landscape underscores the critical need for robust mainframe security.
The Threat Landscape: An Assumed Breach Mentality
Enterprises must operate on the assumption that breaches are inevitable. This "assumed breach" mentality acknowledges the presence of bad actors within the network, necessitating proactive measures to identify and mitigate vulnerabilities. However, many mainframe shops face a significant challenge: seasoned professionals are retiring, taking with them invaluable institutional and technical knowledge. This talent gap is not unique to the mainframe and is impacting all industries. Experts who possess deep mainframe knowledge, understand cybersecurity threats, and grasp enterprise business contexts are incredibly rare due to the common practice of specialization in a particular area. Broadcom’s approach to Workforce Resiliency helps customers address this challenge daily.
Advancing Mainframe Security: The Role of Ethical Hacking
The good news is that cybersecurity disciplines are advancing. Penetration testing, an offensive security practice which simulates adversarial Tactics, Techniques and Procedures (TTPs), is particularly effective. This type of offensive testing is crucial for identifying and rectifying vulnerabilities before they can be exploited by an adversary.
Penetration testing on mainframes, or ethical mainframe hacking, is a unique skill. It requires a deep understanding of both the mainframe’s technicalities and the TTPs used by cyber adversaries. Recognizing this need, Broadcom has stepped up to bridge the knowledge gap by offering a no-cost, instructor-led course on Ethical Mainframe Hacking.
Broadcom's No-Cost Ethical Mainframe Hacking Course
Broadcom's course is designed by mainframers, for mainframers. At no additional cost to Broadcom Mainframe customers, this course dives beyond the surface of traditional mainframe topics, serving as an introduction to penetration testing. Rather than selling a service, the aim is to empower the mainframe community with the knowledge and skills necessary to safeguard their systems by completing penetration testing in-house with a high degree of effectiveness.
Benefits of Ethical Mainframe Hacking
What to expect from the course
Participants will learn about the various layers of the mainframe stack, including the operating system, USS, ESM, and network components. The course covers the latest attack vectors and techniques for gaining system access, guiding attendees through an end-to-end penetration test. Attendees will explore the operating system and utilize open-source tools like Nmap, Python, Kali, and Metasploit. They will also learn to write their own tools using REXX, JCL, C, and Python.
The course comprises lectures, instructor-led demonstrations, and hands-on lab activities, ensuring a comprehensive and practical learning experience.
We’ll see you in the next course!
By embracing Ethical Mainframe Hacking and equipping professionals with the necessary skills, we can protect these critical systems from sophisticated cyber threats. Broadcom's no-cost Ethical Mainframe Hacking course is a significant step towards achieving this goal, ensuring that the mainframe community remains resilient in the face of evolving cyber threats.
View course schedule to enroll in your next class.