At the recent Vanguard Security & Compliance 2025 event (VSC 2025), security leaders came together to address today’s toughest mainframe security challenges, ranging from credential theft to Zero Trust adoption.
As a Platinum Sponsor, Broadcom highlighted how innovation is shaping the future of mainframe security. A key topic at the conference was the next release of ACF2 TM and Top Secret®, which is currently in a pre-GA release with select customers and vendors. This release is designed to strengthen identity protection, enforce modern credentialing, and align with broader enterprise hybrid IT and compliance needs.
The Security Dilemma: Evolving Threats vs. Legacy Defenses
Mainframes remain the backbone of the global economy, but the way they are sometimes secured hasn’t necessarily kept pace with modern threats. The platform itself is highly reliable, yet access points have become easy targets.
1. Credential Risks
Hackers don’t break in—they log in. Stolen usernames and short, easy-to-crack passwords are easy entry points, yet the industry still leans on outdated standards, such as NIST’s 8-character requirement. Attackers can crack these in minutes, leaving enterprises exposed until stronger, modern credentialing is enforced. With this, security has also shifted to a model requiring Zero Trust by default. The security of yesterday is not appropriate for the security today and tomorrow in how credentials are verified and in how identities are managed.
2. Encryption Challenges
Legacy algorithms like DES and AES-128 no longer provide adequate protection. With new attack vectors emerging and quantum computing on the horizon, organizations that depend on older encryption face growing vulnerability.
3. Compliance Pressure
Regulators demand stronger controls, but too many teams still rely on manual processes, disconnected tools, and legacy configurations. That means more time spent firefighting and addressing audits and less time focused on transformation, growth, and innovation.
4. Limited Automation for Repetitive Actions
Organizations still struggle to keep pace with enterprise hybrid IT needs, especially when it comes to delivering a secure, scalable, and modern experience for mainframe users. One example is self-service password reset: some customers at the conference shared that they still manage this manually, and that password resets remain their #1 support ticket request.
Together, these challenges create a critical gap: mainframes remain business-critical, but their defenses aren’t keeping up with the threats they face.
Conference Spotlight: Industry Voices at VSC 2025
At VSC 2025, speakers and attendees zeroed in on the issues weighing most heavily on security teams, like credential theft, Zero Trust adoption, and the need for stronger encryption. The message was consistent: mainframe defenses can’t stand still while threats advance.
Broadcom’s direction for the next release of ACF2 TM and Top Secret® directly answered that call, showing how modern capabilities can help enterprises close critical security gaps and prepare for what’s next.
ACF2 TM and Top Secret® Innovations
With the next release of ACF2 TM and Top Secret®, Broadcom will deliver a major uplift in mainframe security, combining stronger identity protection, modern encryption, and easier administration. This release is designed to help enterprises align with Zero Trust principles, stay current with regulatory demands, and prepare for the future of hybrid IT.
The next release of ACF2 TM and Top Secret® plans to deliver:
- Modern Identity Protection
- Grants the ability to leverage robust passphrase policy enforcement to align with broader enterprise IT password policies.
- Ensures Zero Trust is defined by default by ensuring the use of passwords, passphrases, passtickets, or MFA for all identities.
- Offers the ability to expand advanced authentication with multi-factor authentication (MFA) and privileged access management (PAM) integrations to strengthen defenses against phishing and insider threats.
- Quantum-Resistance Encryption and Ecosystem Currency
- Reinforces the need to move to modern credentialing with AES-256 encryption.
- Aligns with ecosystem currency and compatibility, including Day 1 support for critical systems such as z/OS (ex: z/OS 3.2), CICS (ex: 6.3), and more.
- Simplified Compliance and Visibility
- Improves audit readiness with automated reporting and greater transparency into security events, helping teams reduce exposure and meet regulatory requirements with confidence.
- Streamlined Administration and Automation
- Introduces true RESTful APIs, starting with self-service password reset and account unsuspend, allowing the enterprise to modernize and automate repeated tasks, just like distributed IAM experiences.
- Enhancements to administrative commands to simplify setup and configuration when adding access policies and viewing user information.
- Adds additional APIs in development, with collaboration and input welcomed — please reach out to your Broadcom representative.
Why Mainframe Security Matters
The themes from VSC 2025 echoed a clear reality: mainframe security can’t afford to lag behind modern threats. From identity protection to encryption and compliance, every
discussion reinforced the urgency of stronger, more adaptable defenses. The next release of ACF2 TM and Top Secret® plans to deliver exactly that: capabilities that respond to today’s challenges and position enterprises for what’s ahead.
ACF2 TM and Top Secret® Continue to Innovate
The next release of ACF2 TM and Top Secret® will help enterprises secure their mainframe, simplify operations, and stay aligned with the future of hybrid IT.
- Stronger security: Native Zero Trust capabilities, advanced authentication, and quantum-resistant encryption protect against current and future threats.
- Simpler operations: Modern interfaces, starting with self-service password reset and account unsuspend, reduce costly manual interventions, and improve efficiency.
- Future-proof: Built to support evolving regulations, hybrid IT integration, and enterprise IAM strategies that extend beyond the platform, this release will ensure your team is ready against tomorrow’s threats.
Stronger Together: Extended Capabilities
ACF2 TM and Top Secret® come with entitlements that help teams secure mainframes more efficiently, enforce Zero Trust, and modernize operations.
- Advanced Authentication Mainframe
- Eliminates static credentials with modern MFA factors, adds dynamic, risk-based authentication, and integrates seamlessly with existing applications.
- Trusted Access Manager for Z
- Requires validation of business need for privileged access, provides time-bound permissions, and enables granular auditing and forensics.
- Mainframe Security Insights Platform
- Automates data collection, reduces manual tasks like spreadsheet aggregation, and provides actionable, audit-ready reports with risk analysis.
Together, these tools extend the value of ACF2 TM and Top Secret®, helping teams:
- Enforce Zero Trust principles across their mainframe environment.
- Automate repetitive tasks, reduce manual errors, and reduce security exposure.
- Gain deeper visibility into compliance posture and security risks.
Stay Secure, Efficient, and Future-Ready
ACF2 TM and Top Secret® equip enterprises with tools to modernize mainframe security, streamline operations, and prepare for evolving threats. With features like advanced authentication, Zero Trust enforcement, quantum-resistant encryption, and automated reporting, ACF2 TM and Top Secret® help teams reduce manual effort, strengthen security, and maintain compliance.
The conversations and sessions at VSC 2025 highlighted the importance of these capabilities, reinforcing that mainframe security teams need solutions that are both powerful and practical.
Your next steps:
- Explore other Broadcom mainframe security solutions, including the ACF2 TM product page and Top Secret® product page.
- Learn more about mainframe security best practices and Zero Trust approaches in our Mainframe blog series and our Zero Trust webpage, including our recent breakthrough in storage efficiency.
- Reach out to Broadcom experts to discuss how the next release of ACF2 and Top Secret can support your team’s security and compliance needs.
0 Comments