2026-06-25 –, Prime Dome
Yes, Mainframes are still around. They make up the core of a suprising number of large fortune 500 companies . I will cover what a Mainframe is at a high level, how they tend to work, and regular security flaws that we see on a daily basis when testing these systems. If you've ever saw a movie and they say 'theyre hacking the mainframe', now you'll know what theyre talking about! By the end of this talk you'll know what a dataset is, how to test Unix (yes, Unix), and what these acronyms mean: JES2, RACF, NJE, TSO, OMVS.
Do you want to learn about security testing mainframes? This talk is for you. Are you mainframe curious? This will be a good intro to common things that are identified when doing Mainframe testing. There will also be a rant about CVEs, or that lack thereof in the z/OS world. Look, mainframes aren't going away, and the number of people who can secure them is shrinking, its time for like minded people to rise up and help keep this critical platform safe.
David M. N. Bryan is a seasoned hacker and security professional with over 25 years in the information security space. Currently at NetSPI, David specializes in penetration testing across a broad range of technologies, including mainframes, ATMs, storage systems, IoT devices, payment systems, and more.
David’s career spans both offensive and defensive security roles—from securing a top ten bank’s infrastructure to helping protect the DEF CON network. A long-time DEF CON goon, he’s contributed to the community for decades and brings deep expertise in areas such as embedded systems, network and wireless security, web application testing, and physical security.
He has shared his knowledge at major security conferences including Black Hat, DEF CON, ToorCon, LayerOne, ToorCamp, BSides, and AppSecUSA, among others. Most recently, David was part of the NetSPI Mainframe team that took first place in the Capture the Flag competition at the Share 2025 Mainframe Conference in Washington, D.C.