Protect Mainframe Security Credentials from Being Overridden
To prevent an attacker from gaining control over security credentials used to access a mainframe host, you should do the following:
Use host-initiated Single Sign-On (SSO) in conjunction with valid host UID and PWD passed in the initial connection flows.
Set the ClientContext to not allow security credentials to be overridden when using the
SelectionHintproperty.
See Also
Transaction Integrator Threat Mitigation
Remote Environment Selection with the SelectionHint Property
Specifying a Remote Environment Programmatically