IBM has announced the general availability of three new software tools for IBM Z, its mainframe platform tailored for mission-critical workloads in sectors such as banking, government, insurance, telecommunications, healthcare, and large payment networks. The company describes this move as a response to a fundamental shift in enterprise computing: systems are no longer just executing processes but are starting to work with AI models, autonomous assistants, and hybrid workflows that expand the attack surface.
The launch includes IBM zSecure Detection, IBM zSecure Secret Manager, and IBM Z Database Assistant. All three solutions share a common message: safeguarding and modernizing environments where resilience, operational continuity, and traceability remain more important than the current technological trend. In a market dominated by public cloud and generative AI, IBM continues to assert that the mainframe is not a relic but a core component for workloads where failure is not an option.
The company points out that IBM Z maintains availability associated with highly resilient environments, with an average annual downtime of less than a third of a second, according to the ITIC 2025 Global Server Hardware, Server OS Reliability Report cited by IBM. While this metric should be viewed within its context, it explains why many organizations continue to run mainframe operations that support payments, checking accounts, records, transactions, and mission-critical systems.
Three tools for a new surface of risk
The first, IBM zSecure Detection, focuses on detecting suspicious activity within IBM Z environments. Its goal is to monitor behaviors that could indicate ransomware, anomalous movements, or attack patterns on z/OS. The idea is to provide security teams with a more operational view of what’s happening inside the mainframe, beyond traditional network perimeters or external infrastructure layers.
This is significant because many enterprise cybersecurity strategies have developed unevenly. Companies have invested in EDR, SIEM, XDR, cloud security, endpoint protection, and monitoring of distributed applications, but mainframe environments can be managed separately by different teams with separate tools. IBM aims to bridge this gap with dedicated Z software, connected to a broader hybrid defense approach.
IBM zSecure Secret Manager tackles another specific area: managing certificates and secrets in z/OS. Pressure on certificate lifecycles is increasing due to security concerns and industry practice changes. When certificates expire, they are often managed manually or distributed among teams without a unified control, creating not just technical risks but potential service interruptions, loss of trust, and exposure windows.
This solution leverages IBM Vault Self-Managed for Z and LinuxONE to bring more automated and consistent certificate management to z/OS. In large organizations, this aspect is often less visible than ransomware detection but is equally sensitive. Poorly managed certificates can break integrations, affect internal APIs, block access, or open the door to insecure configurations.
The third tool, IBM Z Database Assistant, introduces AI-driven capabilities into database operations on IBM Z. IBM positions it as a proactive, autonomous, and intelligent assistant for DBA teams, designed to accelerate tasks, improve operational performance, and help ensure the availability of critical data. The strategic takeaway is clear: IBM does not want enterprise AI to live only in new application layers but also in the daily operations of systems housing the most sensitive data.
| Tool | Main Area | Problem It Addresses |
|---|---|---|
| IBM zSecure Detection | Detection and response on z/OS | Suspicious activity, ransomware, and threats within IBM Z environment |
| IBM zSecure Secret Manager | Secret and certificate management | Shorter certificate lifecycles, manual processes, and fragmented management |
| IBM Z Database Assistant | Database operations with AI | Optimizing DBA tasks and maintaining continuous access to critical data |
| IBM Concert for Z | Vulnerability management | Visibility of risks in hybrid environments and applications over Z |
Mainframe, hybrid cloud, and digital sovereignty
This announcement should also be viewed through the lens of hybrid cloud. IBM has long argued that many companies will not move all their critical workloads to public cloud. Reasons include regulation, latency, continuity, cost, sovereignty, privacy, or reliance on legacy systems that remain reliably operational. For these clients, modernization does not mean replacing the mainframe but better integrating it with cloud architectures, automation, security, and modern development.
Regulatory pressures reinforce this stance. Finance, healthcare, telecommunications, and the public sector increasingly operate under requirements for operational resilience, third-party control, data sovereignty, traceability, and business continuity. In Europe, standards like DORA for financial sectors or NIS2 cybersecurity obligations heighten expectations for critical infrastructure and technology providers. In this context, configuration errors, poorly managed certificate chains, or security breaches in core workloads are not just internal issues—they can lead to regulatory incidents.
IBM also links these launches to Project Glasswing and Project Lightwell. Glasswing is part of its strategy to anticipate more advanced attack scenarios, including those related to border models. Lightwell aligns with IBM’s commitment to open-source security. The core message is that IBM Z security can no longer be limited to traditional systems; it must adapt to an environment where open source, AI, automation, and agents share the same operational space.
| Changes in the Business Environment | Impact on IBM Z |
| AI-driven operations | More automation but also greater need for control |
| Shorter certificate cycles | Increased operational risk if management remains manual |
| Sophisticated ransomware | Need for specific detection within the mainframe |
| Hybrid cloud | Integration between Z, cloud, data, and distributed applications |
| Regulation and sovereignty | Greater emphasis on traceability, control, and resilience |
| Open source dependency | Supply chain security requirements |
Why IBM Z remains relevant
Mainframes often receive little attention in public tech conversations but continue to underpin significant parts of the digital economy. Many banking transactions, insurance systems, administrative processes, and operations of large corporations depend on IBM Z platforms. This is not nostalgia—it’s a matter of reliability, transactional performance, security, compatibility, and decades of investment in critical applications.
The challenge is that these historical strengths are no longer sufficient alone. IBM Z operators face dual pressure: maintaining systems with extreme availability while connecting these systems with APIs, cloud applications, AI-ready data, DevSecOps processes, and new automation models. Modernization must not break what already works.
This is where IBM aims to position its new tools. zSecure Detection enhances security observability within z/OS. zSecure Secret Manager reduces reliance on manual processes in a highly sensitive area. Z Database Assistant brings AI capabilities to database management tasks. These are not isolated products but parts of a strategy to keep mainframes as the core of critical infrastructure in a more distributed world.
For cybersecurity teams, integration is key. A detection tool on z/OS is most valuable if its signals feed into enterprise response workflows. Secret management must align with identity, audit, compliance, and rotation policies. And an AI-based database assistant must demonstrate productivity gains without introducing automation risks over sensitive data.
AI for operating critical systems, not just content creation
The mention of agent-based AI is one of the most intriguing aspects of the announcement. In recent years, much of the enterprise AI discourse has centered on office productivity, text generation, conversational assistants, or process automation. IBM points towards a different layer: using AI to manage, protect, and maintain critical infrastructure.
That distinction matters. An agent helping to draft an email might make a mistake with limited consequences. An agent advising on critical databases, certificates, or security environments requires limits, auditing, explainability, and human oversight. In critical infrastructure, automation should aim to reduce operational errors, not create new opaqueness.
IBM Z Database Assistant exemplifies this tension. It can help accelerate DBA tasks, suggest improvements, and act as an operational copiloto, but its real adoption depends on trust—especially in environments where every change is carefully measured. Enterprise AI on mainframes won’t advance solely on promises of efficiency; it must demonstrate security, traceability, and the ability to operate within controlled change processes.
For IBM, this announcement reinforces a long-standing narrative: hybrid cloud, AI, and mainframes are not separate worlds. Critical workloads will continue to reside where they make technical, economic, and regulatory sense. Innovation will be about better protection, controlled open integration, and automation that preserves resilience.
The arrival of these tools doesn’t instantly transform the mainframe market but confirms a trend: critical infrastructure modernization is shifting from simple migration to improving operating software, security, secret management, and intelligent automation. For many organizations, the future isn’t turning off IBM Z but making it more observable, secure, and connected to the broader enterprise stack.
Frequently Asked Questions
What has IBM announced for IBM Z?
IBM has announced the general availability of IBM zSecure Detection, IBM zSecure Secret Manager, and IBM Z Database Assistant—three tools focused on security, secret management, and AI-driven database operations.
Why are these tools important?
Because IBM Z continues to run critical workloads in regulated sectors, and these workloads need enhanced threat detection, better secret management, and secure automation in hybrid environments.
What does IBM zSecure Detection do?
It monitors activity on IBM Z to detect suspicious behaviors, including potential signs of ransomware or other threats over z/OS.
What does IBM Z Database Assistant offer?
It introduces agent-based AI capabilities to help database teams optimize tasks, speed up operations, and ensure continuous access to critical data.
