Key Resources Inc. Announces z/Assure® CAM, Offering Automated Evaluation of Security Configurations for Corporate Mainframes

Automated compliance assessment solution provides security and operations teams with a continuous method to protect sensitive data and avoid non-compliance with corporate and regulatory policies.

LAKE VILLA, Ill.--()--Key Resources Inc., the leader in mainframe vulnerability scanning solutions and consultancy, today announced its automated compliance assessment solution z/Assure® Compliance Assessment Manager (CAM). A z/OS mainframe security configuration assessment and compliance evaluation solution, z/Assure CAM provides a consistent method for identifying and alerting teams to instances in which system configurations drift from policy, helping them to remediate misconfigurations before they result in security breaches or failed audits.

Compliance officers, mainframe programmers and security IT managers face a daunting task when manually monitoring complex z/OS mainframe security and compliance configurations. In addition, many organizations believe mainframes are more secure than they actually are, and as a result, these professionals typically only assess mainframe configurations when preparing for an audit every six months to once a year, leaving mainframes vulnerable to devastating data breaches. With z/Assure CAM, professionals can set up automatic monitoring to take place on a regular basis and verify z/OS configurations against standards based regulations and/or their own policies quickly and easily.

Not only does z/Assure CAM automatically assess system compliance against industry accepted regulatory standards from the National Institute of Standards and Technology (NIST) and the Defense Information Systems Agency (DISA), but it is the only product on the market that can be configured to verify compliance with an organization’s internal security policies. This capability allows organizations handling sensitive data to easily ensure mainframe configurations meet their own high-tier security benchmarks, and not just the industry standard.

“At Key Resources, we believe that security policy baselining and risk-based monitoring of z/OS security and configuration parameters are key components of a strong compliance program,” said Ray Overby, president and co-founder of Key Resources Inc. “We created z/Assure CAM to provide businesses with an automated tool to assess mainframe security configurations, evaluate compliance and even customize the monitoring process with their own security standards.”

The key features include:

  • Out-of-the-box compliance and best practices knowledge to simplify the process of setting appropriate system configurations.
  • Report scheduling to automate when and how often z/Assure CAM performs assessments.
  • Support for the 3 major Enterprise Security Management (ESM) software products (RACF, CA ACF2 and CA Top Secret) in a single solution.
  • “Grade”-based risk scoring provides a reliable metric for tracking progress against known best practice configurations.
  • Built-in exception management capabilities to manage information security risks associated with known exceptions.
  • Will verify that router settings meet an organizations network policy.

“z/Assure CAM is very easy to use and allowed us to align configuration settings with our internal security policy,” said the CIO of a Key Resources Inc. customer in the insurance industry. “We are very pleased with the specificity that the report provides us for meeting our compliance requirements. We are now more adept at identifying, classifying and fixing misconfigurations, thereby reducing breach risks.”

For more information about z/Assure CAM, please visit

About Key Resources Inc.
Key Resources Inc. is the leading expert on mainframe security vulnerabilities, empowering some of the world’s largest corporations in finance, insurance, healthcare and beyond to keep their most important IT systems secure. Since 1988, Key Resources Inc. has provided software, services and consulting to enterprises running critical apps on IBM® z/OS. We help CIOs, CISOs and programmers take control of mainframe security so they can protect their data, avoid costly breaches and maintain regulatory compliance. To learn more, visit


March Communications
Brandon Reid, +1 617-992-9262

Release Summary

Automated compliance assessment solution provides businesses continuous method to protect sensitive data and avoid non-compliance with regulations


March Communications
Brandon Reid, +1 617-992-9262