Positive Technologies 2018-01-09T19:04:10+00:00

Positive Technologies

Security vulnerability analysis
and management solution

– Scheduling-based vulnerability analysis and automatic report generation
– Agentless Scanning and Checking Architecture
– domestic and foreign compliance support
– CVE support and rapid updates
– Providing visibility into SAP vulnerabilities
– Industrial SCADA support
– Over 1,000 domestic and foreign customers

MaxPatrol
MaxPatrol gives an unbiased picture of the state of protection at the system, department, node, and application levels. Pentesting, auditing, and compliance verification—combined with support for diverse operating systems, databases, and web apps—make MaxPatrol the perfect choice for auditing security in real time, all the time, at all levels of a corporate information system.

Key Features

All-in-one solution ensures consistent results

Small footprint: assessing vulnerabilities and configuration errors does not require installing agents on remote systems or providing elevated privileges. Regular use of the system and network is not interrupted. MaxPatrol leads the industry in lowest number of false positives.

Multilevel reporting tells the whole story

Get reporting that gives a full picture of the real level of protection all across the corporate IT infrastructure.

Presets ease compliance

Applying the security policies built in to MaxPatrol makes it easy to check system compliance with official and industry standards (ISO 27001/27002, SOX, PCI DSS, NIST, CIS). Set special policies to monitor compliance with in-house corporate security rules.

Key Benefits
MaxPatrol has the power of the XSpider vulnerability scanner at its core. The monitoring mechanisms present in XSpider have been enhanced and extended with database security and system verification modules. Information on the state of network security and possible threats is always up-to-the-minute, thanks to the combination in a single product of network and system scanners with database and web app verification mechanisms.

The high-performance network scanner in MaxPatrol quickly and effectively detects network nodes and open ports, and identifies operating systems and server applications. Because of the system’s distributed architecture, the scanner module can be located close to scan objects for maximum bandwidth efficiency.

Heuristic analysis pinpoints vulnerabilities in network services and apps. MaxPatrol requires a minimum of privileges for penetration testing, replicating the conditions that a real-life hacker would have to face when attempting to access the network. Expertly designed smart algorithms and vulnerability detection mechanisms, which have been proven in independent testing, carefully recreate the likely actions of actual attackers. This identifies errors in system configuration and allows detecting new, currently unknown vulnerabilities in network applications.

With remote access, the scanning module can perform a deep scan of device vulnerabilities at the OS and application level. This method is a resource-efficient way of getting a comprehensive security overview and analyzing settings that cannot otherwise be tested by pentesting.

The knowledge base includes system verification checks for common Windows, Linux, and Unix operating systems. Verification checks also cover network devices such as routers, switches, and firewalls (including Cisco IOS, Cisco PIX, and Cisco ASA).

Unlike traditional system scanners, MaxPatrol does not require deploying software modules on network devices. This simplifies protection and reduces the total cost of ownership. All verification checks are performed remotely via built-in remote administration mechanisms. When multiple protocols are supported by a device (such as Telnet and SSH), MaxPatrol selects the most secure method to ensure that sensitive data is protected at all times.

개념도