Resources

Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM

By Amneris Teruel on Tue, 07/25/2023

Discover CVE-2023-30990 - Unauthenticated RCE in IBM i DDM Service. Learn what this vulnerability is, how it impacts the IBM i, and how you can prevent as well as assess your exposure to it.

Article

Remember the IFS!

By Robin Tatam on Thu, 06/27/2019

Ask any security professional which area of IBM i security is most often ignored and chances are that the unanimous response is a chorus of “the Integrated File System.” Although it’s been around since V3R1, the Integrated File System, or IFS, remains a shrouded mystery that represents significant risk to many IBM i organizations.

Blog

Exit Points and Why Menu Security Isn’t Enough

By Robin Tatam on Wed, 05/30/2018

How do interfaces like FTP side-step IBM i menu security and give users uncontrolled data access through exit points? Robin Tatam explains in this short video.

Blog

Could Ransomware Like WannaCry Hit IBM i?

By Robin Tatam on Thu, 01/04/2018

Security expert Robin Tatam explains how WannaCry and similar ransomware can affect the unique IBM i operating system.

Blog

How to Apply IDS/IPS to IBM i

By Robin Tatam on Fri, 05/12/2017

IPS/IDS are common cybersecurity terms, but how does that pertain to the IBM i environment?

Blog

How Exit Programs Make the Greatest Impact on IBM i Security

By Robin Tatam on Tue, 03/28/2017

What do exit points have to do with cybersecurity? How do exit programs work? Robin Tatam provides a clear explanation in this video.

Blog

Cracking the Problem of Endpoint Security

By Robin Tatam on Fri, 03/24/2017

Endpoint security has been a hot topic in the technology and corporate sectors for a few years. Especially with the emergence of bring-your-own-device practices, it has become even more critical to put safeguards in place to ensure the security of sensitive information.

Article

How To Maintain Your Data Integrity

By Robin Tatam on Tue, 03/21/2017

File Integrity Monitoring (FIM) helps ensure that your critical and sensitive data is viewed and changed only by authorized personnel through approved channels. Candidates for FIM include application files containing sensitive data, such as personnel or financial data, and server configuration files.

Blog

How “Smash and Grab” Compromises IBM i

By Robin Tatam on Wed, 03/08/2017

During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.

Blog

IT Security Compliance 101

By Robin Tatam on Sun, 08/21/2016

In this compliance 101 primer, we'll look at three high-profile breaches from the past year, each of which shows what can go wrong when data oversight isn't up to snuff. Along the way, we'll discuss some basic fixes that can help shore up network defenses.

Understanding CVE 2023-30990: The Vulnerability Exploiting the DDM

Remember the IFS!

Exit Points and Why Menu Security Isn’t Enough

Could Ransomware Like WannaCry Hit IBM i?

How to Apply IDS/IPS to IBM i

How Exit Programs Make the Greatest Impact on IBM i Security

Cracking the Problem of Endpoint Security

How To Maintain Your Data Integrity

How “Smash and Grab” Compromises IBM i

IT Security Compliance 101

Contact Information

Privacy Policy

Cookie Policy

Impressum