A recruitment consultant will contact you soon.

CorreLog – Compliance with IT security

CorreLog, mainframe event logging and correlation software

Deploying CorreLog to supporting compliance with IT security

To meet its legal obligations in terms of computer security, one of the leading French banks wished to acquire a logging software and correlation of mainframe events.

Context and issues

New security obligations coming into force:

  • Military Programming Law designed to protect Operators of Vital Importance
  • GDPR to protect personal data
  • PCI DSS to protect bank card data
  • Requirement to set up a system for logging and correlating events
  • Need to integrate all mainframe events (RACF, ACF2, TSS, DB2, IMS, FTP, TSO, IND$FILE, etc.) in the SIEM
  • Compliance with security requirements defined by ANSSI

Solutions provided

The CorreLogzDefender software has been deployed on the client’s mainframe environments to trace all mainframe activity in real time.

zDefender makes it possible to:

  • Capture the activity from the information contained in the SMF record
  • Filter relevant information for security
  • Convert messages into a format usable by the SOC
  • Integrate messages in SIEM in real time


The expert's viewpoint

By integrating mainframe activity into the corporate SIEM, CorreLogzDefender can rely on the expertise and resources of the SOC (Security Operation Center). This means that the mainframe no longer makes any exceptions, making it key to the company's strategy and cyber security toolkit.

Development CorreLog VP
Peter Mills


  • Events are sent in real time to the SIEM allowing immediate detection of security anomalies
  • All mainframe activity is traced: RACF, ACF2, TSS, DB2, IMS, FTP, TSO, IND$FILE, etc.
  • zDefender is compatible with all SIEMs on the market
  • zDefender only consumes a few seconds of CPU time per day