MaxPatrol
Last updated
Was this helpful?
Last updated
Was this helpful?
Product overview
MaxPatrol SIEM provides 360º visibility into infrastructure and detects security incidents. Regularly updated with knowledge from Positive Technologies experts. Effortlessly adapts to network changes.
Detects the important threats
Our experts’ know-how for pinpointing the latest threats is regularly encapsulated in expertise packs available from the PT Knowledge Base.MaxPatrol SIEM "gets smarter" all the time with PT KB, which helps users to detect attacker TTPs before serious consequences arise.
Reduces the burden on in-house experts
Expertise packs are based on constant monitoring of new threats, analysis of attacks, and incident investigations. This reduces the burden on in-house security experts in charge of monitoring threats and writing rules. Rules included in expertise packs do not require painstaking adjustment and are ready to use after simple configuration.
Gives 360º visibility into infrastructure
IT infrastructure becomes transparent to security staff: with inventory technology from the , MaxPatrol SIEM fully enumerates assets and security gaps. Data is collected actively and passively from over 300 types of systems.
Good news for companies with large geographically distributed infrastructures! The new version of MaxPatrol SIEM allows users to increase the data processing rate to up to 60,000 EPS and carry out investigations more quickly for all installations.
The Positive Technologies Expert Security Center and R&D team monitor and perform research into new threats. Their know-how is regularly made available in expertise packs from the PT Knowledge Base. Expertise packs contain new rules, updated parameters for collection and incident handling, response recommendations, and reputation lists. Packs are automatically provided to MaxPatrol SIEM in order to detect threats before serious consequences arise.
Correlation rules (included in expertise packs) can be easily customized to fit infrastructure. We provide detailed instructions and whitelists, which are prepopulated based on experience with real infrastructures.