The fight against “bad Guys” depends on always having more knowledge than them, and… They currently know a lot!

Mainframe Hacking & Auditing Course

Version 2020

The only Online Course in the world that includes dozens of years of experience in security, hacking, and auditing on z/OS systems taken to your own home, with our ONLINE version.

Curso disponible también en Español.

Training VA060 Main image

Get your Bsecure Certificate to show that you are an expert in deep Mainframe security techniques to audit and hack mainframes infrastructures.

Threats In Mainframe Systems are different?

Most of the critical mission businesses based on Mainframe infrastructures believe that in this environment, there are not the applicability of terms like:


- Ransomware

- Hacking

- Denial of Services

- Logic Bombs

- Trojans

- Backdoors

...

We have developed this unique training course to help you to avoid, understand, advise, and Auditing all the Mainframe security aspects.


Course Presentation

Knowledge is Security!



Mainframe Security Is Important To Your Business

Mainframes support 70% of the critical information in the world.

It does not matter how much money you spend on the rest of the infrastructures that surround it if the heart of the data is at risk.

The most prominent businesses in the world would be affected: banks, retail, security, and army forces, public finance, insurance.

Please attend this short video where we explain what the current security and audit situation in Mainframe infrastructures are.

Knowledge is Security!

Life of millions of people would be affected — and especially to professionals paid to avoid it.



What will you learn In this course?

Check orange image0 Learn what are the basic about how z/OS works. Enough to understand what are THE RISKS that you need to face like a Mainframe Security professional.

Check orange image1 Understanding how z/OS works. Enough to learn about how to steal information, deny service, inject malware, install open doors ...

Check orange image2 Learn how to appropriately audit complex mainframe environments, fully understanding the vulnerabilities and threats.

Check orange image3 Learn how to map the controls with the last regulatory compliance.

Check orange image4 To Create your Test Lab practically no cost.

Check orange image5 How you could create logic bombs that will cause the Production and Backup z/OS infrastructures to stop both at the same time working for days or weeks.

Check orange image6 Crack accounts of other users and learn How Infect systems with Malware automatically.

Check orange image7 Acquire enough vocabulary and understanding to act like an auditor, Manager or specialist in Mainframe security.

Unique worldwide Online Training Course Starting From A Basic User And Achieving The Correct Audit and Security knowledge to act like an excellent professional

This Training is for you if...

    You are responsible for security in a mainframe infrastructure. And your company or client may be the target of a contingency that may cause a loss of value (stock, assets, customers, prestige, etc.). Therefore you are responsible for endangering your work, your company, and your personal future. You need to audit or secure a z/OS environment, and your client is a target subject to possible uncontrolled penetration through the actions taught within this training. You are responsible for the security or a z/OS environment. And you need to UNDERSTAND how a simple user, without privileges, can take control of your mainframe environment. He could steal information, turn off your Mainframe IT Services for days, or make a Ransomware to your company, in an example. And using exclusive documentation that is publicly accessible on the internet.

Don't Miss This Special Momentum

Save Time And Money, Enroll Today!

Become a security expert. Remember, this is a Risk-Free chance!


Training disponible también en Español.

During our time together in this Amazing Training, we’ll walk you through eight content-rich sessions designed to help you become a security expert.

We have been training professionals for the past fourteen years. In the beginning, we designed a course to evangelize those responsible for the security of the mainframe (system programmers, auditors, CSOs, CIOs ...). We showed them that the certainty that everyone had about the inviolability of the mainframe was false. The online training was theoretical at that time, and it clearly showed that it was not enough to achieve our goal.

Eight years ago, we developed a practical part for the training with which to demonstrate in workshops what we said theoretically with the application of knowledge extracted from the Internet.

image

With training minimal in the architecture of the system, we could achieve an escalation of privileges with basic users. This fact allowed us to make a lot of attacks on a mainframe target and its connected environments.

We decided to develop this online training with the aim of reaching as many professionals as possible in the shortest time!

The content of the online Training has been tested by hundreds of professionals dedicated to audit & security within the Mainframe environment with an excellent score. As a sample, we show the comments of our students who attended the Course ONLINE.

After training hundreds of professionals, we are sure that the Course meets the expectations of all the professional profiles that acquired it, as employees of large corporations, or in a personal way.

image

The incredible is believable

Today, the Internet has terminated with the dark age of technologies that did not have wide dissemination of knowledge, as was the case with technologies around the mainframe. You can find absolutely everything that is needed to make an atomic bomb on the internet. At the same time, you can find on the Internet everything pieces necessary to steal information, deny service, etc. You only have to focus on the searches and read a few specific manuals.

Two decades ago, the possibility of entering without permission the IT systems of a nuclear power plant, a power plant, a water control center of the largest cities on the planet was incredible. But it has happened.

The thought that a plane would become a deadly weapon or just a van could kill hundreds of people was incredible.

But, today, it is credible because it is happening.

Why do you still think that your mainframe environment is not attackable? Or why do you think that will never happen to you?

Can you believe?

We put this example in Youtube for many years.

People told us that it was impossible and that the video had to be fake. Even some came to insult us and threaten us to lie. At that time, we just wanted to evaluate the feeling of the people related to the Mainframe.

We show how a normal userid could take control of the system without the ESM can detect it. It is a real example. A lot of people reviewed the JCL that we executed, and they cannot understand where was the key to do it. And it was in front of their faces.

Watch it to believe it!

Knowledge is Security!

Please read the English subtitles on the right side of the video screen.

New online training Course!

No other training course like this

The most economical way in times and money to acquire the necessary knowledge by Managers, Auditors, Security Technicians, System Programmers ...

It is the only Online Course in the world dedicated to teaching Auditing, security, and hacking z/OS systems in Spanish and English.

What's included:

This Course comprises eight ONLINE training sections with a massive amount of additional content.

  • Introduction to the Course and the z/OS environment
  • Acquisition of the necessary basic technical knowledge
  • The Security of the Mainframe and the Internet Paradox
  • Management of Test Labs z/OS
  • Acquisition of the Knowledge Needed for the Use of the Laboratory
  • Methods to compromise the availability, integrity and confidentiality of information inside a mainframe infrastructure
  • How to Auditing
  • Audit and Regulatory Compliance
  • Course Summary and Keys to avoid and mitigate the threats
  • Plus! Get these fast action Bonuses:

    Acquiring the Course will additionally get these impressive materials:

  • A library with a toolkit of penetration and theft of data
  • A tool kit for password discovery under windows and Mainframe environments
  • Eight content-rich training sections!down arrow blue image

    Section 1: Introduction to the Course and the z/OS Environment

    Establishment of the course objectives and general vision of the z/OS environment. What makes this system so different in many ways: Solid, fast, supposedly safe and expensive.

    Section 2: Acquisition of the Basic Knowledge Needed.

    To adequately follow the lessons that are aimed at hacking, denial of service and Trojans, you must have basic training on the architecture of the z/OS system and how to manage it. They are reviewed and taught:

  • The necessary system parameters that are interesting for our intentions
  • The use of the TSO/ISPF interface
  • The architecture of the system to understand why we do certain techniques later
  • How we talk to the system through the JCL
  • Basic Jes2
  • Section 3: Mainframe Security and the Internet Paradox

    External Security Manager software controls the z/OS system and its subsystems. In this case, we will study the concepts and essential and the way of acting that provides the manufacturer called RACF. What we do with it in the face of hacking techniques perfectly suits the others that exist in the mainframe environment: TOP Secret and ACF2.

    The only thing that interests us about the External Security Manager is how we can crake the user's password and how to pass at his side and not through him.

    Section 4: Management of Z/OS Testing Labs

    The objective of this section is to understand how to create a test laboratory with zero cost, from where you can try the techniques that you will learn below.

    Section 5: Acquisition of Knowledge Needed for the Use of the Laboratory

    In this section, you will acquire the necessary knowledge to manage and adapt the laboratory to the environments in which we are interested in doing the practices. We will also perform the first footprinting techniques to study the environment and evaluate what would be the most appropriate techniques to achieve our goals.

    Section 6: Methods to compromise the availability, integrity and confidentiality of information inside a mainframe infrastructure

    The time has come! We are going to put ourselves in the shoes of a hacker. And with the information acquired in the previous section, we will take control of the system, infect all its libraries, introduce Trojans and teach a denial of service level.

    Section 7: Audit and Regulatory Compliance

    This section is oriented to the Auditors. With the knowledge acquired during the training, one of the best audit checklists in the mainframe world should be handled. It is exciting both for those who will ask the questions and for those who should give the answers. We will discuss in addition the different controls and normative regulations affecting the mainframe environment.

    Section 8: Course Summary and Keys to avoid and mitigate the threats

    It is time to summarize what has been learned in the Training. And to propose solutions to prevent these techniques from being successful in our environments.


    El curso está disponible también en Español.

    Who should join this program?

    • IT Managers to understand the risks that are subject to their responsibility.

    • System Administrators to understand what analysis they must do in their work to minimize the security risks of the environment.

    • Security Auditors with the need to acquire the most excellent possible knowledge about the mainframe environment for their job.

    • Security Profesionals to know the mainframe security environment in which to develop professionally.

    • Security Administrators to understand that part of the defense of the mainframe environment is their work.

    What people say about Online Mainframe Hacking & Auditing Course 2020

    Your time is NOW. Limited time offer expires soon!

    Meet your Master Trainer



    AGR is currently the CTO of Bsecure - The Mainframe & Security Company and leader of the security, hacking, and auditing group in z/OS environments. Professional of recognized prestige. In his more than 30 years of experience, he has carried out multiple works related to the audit and security management strategy in the mainframe environment (currently z/OS). In his beginnings, he worked as Technical Director of Spain, Iberia, and EMEA (South of Europe) in companies such as Software AG, Goal Systems, Legent. In 2002 he founded Bsecure to respond to the lack of sensitivity on the need to impose security methodologies, which could stop the progress of the hacking world towards these environments based on the mainframe infrastructure.


    angel-image

    In 2008 he created the first audit and hacking course in z/OS systems in the Spanish language. With it, he has trained dozens of security professionals from the largest companies in the Spanish and Latin world. At this moment, he directs a group of specialized security professionals in the mainframe infrastructures providing regulatory compliance, audit, and hacking services, strategies for the implementation of security systems, and intrusion tests in mainframe infrastructures. In 2016, he transformed the face-to-face course of auditing and hacking into an online course in the Spanish language. He is the principal teacher, and the version of the course in English is currently launching.

    Linkedin Profile: https://www.linkedin.com/in/angelgomezruiz

    Bsecure : https://www.go2bsecure.com

    Online Course Lead by +30 years Security Expert, Ángel Gómez

    Frequenly Asked Questions


    If this Course is new, How do I know if it worth it?

    The Course is based on a previous course in Spanish that was entirely face-to-face. It was taught once per year to more than 40 large clients and service companies, which added more than 280 professionals for eight years. It was taught in Spain and several countries in Latin America.

    The qualifications of our students, with all types of profiles, was between very good and excellent. Even so, we start from the comments made in the evaluations to add many improvements to this ONLINE Course.

    The ONLINE Course was tested during the past years 2017 and 2018, and the grades were tremendously positive, as can be seen in the comments of students.


    Are there more Courses like this?

    No, as far as we know, some courses teach the management of z/OS systems. Some other that focuses on how to work with the system, but none as ambitious as this one oriented to knowledge the system environment, security, hacking, and systems audit.

    There are five companies in the world with total dedication to security in the mainframe environment. Bsecure is one of them and is the mainframe security provider that decided many years ago to evangelize CIOs and other levels of managers, of the large companies that use these environments.

    This Course is unique in both Spanish and English.


    Could I acquire the knowledge of this Course without buying it?

    Everything can be learned. But the big difference is that the knowledge integrated into this Course is equivalent to dozens of years of experience.


    Why, if the Course has all these features and is so positive, is the pricing so low?

    In Bsecure, we decided to evangelize about the need to eliminate the idea that mainframes are safe for more than ten years. Unfortunately, we continue to see that in other environments, all kinds of actions are taken to avoid intrusions and DOS attacks. And not in Mainframe. So it is still necessary to acquire the basic knowledge by managers, auditors, security technicians, system programmers, and other professionals.

    The best way to realize this evangelization is precisely that knowledge is very, very affordable.This Course should have a cost of more than 100,000 dollars, taking into consideration the exceptionality and breadth of expertise inside it..

    We have done a Course that should be mandatory for any professional that has a relationship with the security and maintenance of mainframe environments. And for this, the pricing must be even affordable to any professional even in a personal way..

    Is it ethical to explain techniques as dangerous as those that appear in the Course?

    This topic has been discussed for a long time in forums and social networks. First, for the ethical part and secondly because teaching these techniques to mainframe customers could mean that other service companies with normal knowledge of mainframe security could to lose value. From an ethical point of view, the limit that we set ourselves when we started was to show only those knowledge that you can find on the Internet. And we have been cautious not to teach beyond that limit..

    Unfortunately, this limit is sufficient to perform the actions described in the Course.


    Is it a theoretical or practical Course?

    This one is a difference with other Courses. We have tried to teach minimal theory to understand why and how of the techniques that we show. And no more!

    It provides references and sufficient additional material to complement the depth of knowledge that the student wishes. We teach in the videos, the necessary knowledge required to understand and repeat the techniques showed


    What are the differences between the face-to-face course in person and this Course ONLINE?

    We hold The face-to-face course for five hours for five days in the morning. We saw that the accumulation of knowledge was vast in a short time. It was complicated to retain all the teacher's explanations at that time.

    The ONLINE course has two main positive differences:

    • The student controls what time to carry out the different sections of the Course, regardless of at what time of the day at which he or she does it.
    • If something is not bright for you, you can repeat the videos as many times as necessary until you understand it.

    You will always have the option of raising doubts and questions to Bsecure technicians related to company training via chat or email.


    How is the course structured?

    It composed of sections:

  • The Section for understanding the architecture of the system.
  • The Section to understand the software of External Security Systems.
  • The Section to learn how to set up a testing laboratory.
  • The Section to understand the techniques of investigation of environments (footprinting).
  • The Section to perform Hacking and infection practices.
  • The Section to learn probably the best audit checklist for this environment. And to learn to correlate the information of the Course with the regulatory compliance that affects the industry.
  • The Section where the knowledge acquired is summarized, and you learn the suggested solutions to avoid the success of all the techniques taught in the Course.

  • I am a professional with knowledge of LINUX and Windows, could I take the Course and take advantage of it?

    Indeed, any professional with experience in other operating systems can make analogies that help him to understand the operation of the z/OS system and the security issues around it.It is impossible to acquire all the necessary knowledge in less time and economic effort than in our offering..


    I am an auditor without in-depth knowledge in operating systems, could I do the course and take advantage of it?

    One of the main rules of the audit of IT environments is the need to understand the environment. You can not do technology auditing without understanding the technology. The problem with z / OS systems is that each aspect of the system and its subsystems are associated with dozens of manuals. Therefore, the question arises: What is the minimum that I have to know to get to audit such a complex system properly? The answer is in this Course.The course design provides the facility us that professionals with experience in other environments could acquire enough understanding of the environment z/OS. And allow to them to perform audits with a good knowing what they need request and what they must evaluate in the data that they give them..


    I am a CIO of a large company in which the Mainframe is critical in our IT Infrastructure. Why should I take the Course?

    In the case of Managers who have mainframe infrastructures among their levels of responsibility, they should understand at least the strengths and weaknesses of the systems. We find too often Managers convinced that, from a security point of view, a mainframe is impregnable, and only carrying out a security administration is sufficient.

    The design of this course will show them what the reality in the security of mainframe environments is. z/OS is an environment with strengths and weaknesses like any other IT infrastructure. You need to know, especially the weaknesses, to understand how to force everybody not to trespass your security lines.

    It is not the first time that a CIO whose experience has been exclusively in open systems takes the course. But above all, it should serve to convince you that this course should be mandatory for all professionals teams who have some relationship with security in the environment of the mainframe infrastructure (Read and Blue Team, IT Auditors, CSO, System Programmers).this Course should be mandatory for all professionals who have some kind of relationship with security in the mainframe infrastructure.


    I am an expert in security, specialized in penetration techniques in Open Systems (pentester). Why should I take the Course?

    Pentesters are more appreciated and valued the more environments they can manage. Nowadays, the internal networks of companies have mainframes connected, and sometimes they are even exposed to external networks too. Some times, for example, our customers send us a data dump to inform a problem with one of our software products. And we discovered that it comes to us by FTP directly from the mainframe. This fact shows a connection between the mainframe and our FTP server on the Internet.

    With the right completion of this course, you will get the certificate of achievement. This certificate will increase the value of any professional in the industry of IT security.


    I am an experienced Systems Programmer responsible for Mainframe infrastructures in a large company. In what aspects can I expect that the course helps me?

    It will be beneficial to you. When we created the face-to-face course a few years ago, we were curious about the usefulness it could have for this type of profile.

    This kind of profile has repeated this comment several times after complete the course:"With the day to day work, I have not ever a time to put me in the place of bad guys and focus on these critical security issues. This course has allowed me focusing on this type of problem and think about how to develop different actions to avoid this type of attack"..



    Legal Money Back Risk-Free Guarantee

    It's Time To Become An Expert And Keep Your Job and Data Safe!

    image

    The DIRECTIVE 2011/83 / EU OF THE EUROPEAN PARLIAMENT allows you to return the purchase made by online methods within 14 days of receipt.


    También disponible en Español.


    bsecure-image

    Paypal payment for EU Fiscal residents citizens



    Paypal payment for NOT EU Fiscal residents citizens



    If you are a TI university student or you have some official security certification (CISSP, CISA, ISO 27001, OSCP...), you can acquire the course with your personal data (not your company data) with an additional 65% discount, contact us at hablamos@go2bsecure.com

    Your credit card or PayPal payment is SECURE! We use the secure shopping cart services of Paypal. You will notice in your browser the little padlock symbol and the https:// (“s” stands for “secure!”)

    All major credit cards accepted.