# MaxPatrol

<https://www.ptsecurity.com/ww-en/products/mpsiem/>

Product overview

**MaxPatrol SIEM** provides 360º visibility into infrastructure and detects security incidents. Regularly updated with knowledge from Positive Technologies experts. Effortlessly adapts to network changes.

**Detects the important threats**

Our experts’ know-how for pinpointing the latest threats is regularly encapsulated in expertise packs available from the PT Knowledge Base (PT KB). With PT KB, MaxPatrol SIEM "gets smarter" all the time, which helps users detect attacker TTPs before serious consequences arise.

**Reduces the burden on in-house experts**

Expertise packs are based on constant monitoring of new threats, analysis of attacks, and incident investigations. This reduces the burden on in-house security experts in charge of monitoring threats and writing rules. Rules included in expertise packs do not require painstaking adjustment and are ready to use after simple configuration.

**Gives 360º visibility into infrastructure**

IT infrastructure becomes transparent to security staff: with inventory technology from the [MaxPatrol vulnerability and compliance management system](https://www.ptsecurity.com/ww-en/products/maxpatrol/), MaxPatrol SIEM fully enumerates assets and security gaps. Data is collected actively and passively from over 300 types of systems.

## MaxPatrol SIEM now processes up to 60,000 EPS

Good news for companies with large geographically distributed infrastructures! The new version of MaxPatrol SIEM allows users to increase the data processing rate up to 60,000 EPS and carry out investigations more quickly for all installations.

## Up-to-the-minute knowledge

The Positive Technologies Expert Security Center and R&D team monitor and perform research into new threats. Their know-how is regularly made available in expertise packs from the PT Knowledge Base. Expertise packs contain new rules, updated parameters for collection and incident handling, response recommendations, and reputation lists. Packs are automatically provided to MaxPatrol SIEM in order to detect threats before serious consequences arise.

Correlation rules (included in expertise packs) can be easily customized to fit your infrastructure. We provide detailed instructions and whitelists, which are prepopulated based on experience with real infrastructures.

[MaxPatrol 8 and RedCheck Enterprise](/readme/architect/siem-soc/maxpatrol/maxpatrol-8-and-redcheck-enterprise.md)

