Biographical Sketch: Ray Overby is an IT professional with thirty years’ experience in software development, security consulting and systems programming in the large computer systems arena. He has extensive security product-development experience, primarily with ACF2 and RACF. Ray began his career in Chicago at SKK, Inc. in 1981 working on the ACF2/MVS software development team. During his tenure at SKK Ray designed and implemented the first distributed database for userid propagation across networks. After SKK was acquired by CA, Ray left in 1988 to form his own company, Key Resources, Inc. Ray specializes in security product conversions and merges, security audit and reviews, and z/OS penetration testing. His latest achievement is the development of the z/OS Vulnerability Analysis Tool software product which scans z/OS systems for vulnerabilities introduced by IBM, ISV’s and locally developed programs and exits as required by PCI-DSS, NIST 800-53 and ISO 27001. These vulnerabilities would allow users to bypass the z/OS Operating System and security system controls to obtain unauthorized access to datasets without producing any SMF logging records of the access. Ray has been published in z/Journal, and Technical Support Magazine and has been a speaker at SHARE, regional Computer Security Groups, and a variety of security conferences.