Product overview

MaxPatrol SIEM provides 360º visibility into infrastructure and detects security incidents. Regularly updated with knowledge from Positive Technologies experts. Effortlessly adapts to network changes.

Detects the important threats

Our experts’ know-how for pinpointing the latest threats is regularly encapsulated in expertise packs available from the PT Knowledge Base.MaxPatrol SIEM "gets smarter" all the time with PT KB, which helps users to detect attacker TTPs before serious consequences arise.

Reduces the burden on in-house experts

Expertise packs are based on constant monitoring of new threats, analysis of attacks, and incident investigations. This reduces the burden on in-house security experts in charge of monitoring threats and writing rules. Rules included in expertise packs do not require painstaking adjustment and are ready to use after simple configuration.

Gives 360º visibility into infrastructure

IT infrastructure becomes transparent to security staff: with inventory technology from the MaxPatrol vulnerability and compliance management system, MaxPatrol SIEM fully enumerates assets and security gaps. Data is collected actively and passively from over 300 types of systems.

MaxPatrol SIEM now processes up to 60,000 EPS

Good news for companies with large geographically distributed infrastructures! The new version of MaxPatrol SIEM allows users to increase the data processing rate to up to 60,000 EPS and carry out investigations more quickly for all installations.

Up-to-the-minute knowledge

The Positive Technologies Expert Security Center and R&D team monitor and perform research into new threats. Their know-how is regularly made available in expertise packs from the PT Knowledge Base. Expertise packs contain new rules, updated parameters for collection and incident handling, response recommendations, and reputation lists. Packs are automatically provided to MaxPatrol SIEM in order to detect threats before serious consequences arise.

Correlation rules (included in expertise packs) can be easily customized to fit infrastructure. We provide detailed instructions and whitelists, which are prepopulated based on experience with real infrastructures.

MaxPatrol 8 and RedCheck Enterprise

Last updated