Detailed Company Overview

Positive Technologies is a leader in result-driven cybersecurity. The company is a leading developer of products, solutions, and services that enable detecting and preventing cyberattacks before they cause non-tolerable events for businesses and entire economic sectors. Our technologies are used by approximately 4,000 organizations worldwide.

A new class of solutions — meta-products — is focused on an effective approach to cybersecurity. The first of them — MaxPatrol O2 — automatically detects and prevents attacks before unacceptable damage is caused to the company. MaxPatrol O2 replaces an entire cybersecurity monitoring center team, and only one person is needed to operate it. Such a protection system requires minimal knowledge and effort from specialists.

To demonstrate the effectiveness of the results-driven approach to information security, the company conducts cyber exercises, including on its own infrastructure, and publicly tests its products. Positive Technologies solutions are built on twenty years of research experience and the expertise of several hundred cybersecurity specialists.

The company is highly rated by international analytical agencies: Positive Technologies has been named a Visionary three times in the Gartner Magic Quadrant for Web Application Firewalls (WAF), and in 2021 it was among the top three global vendors with the highest annual sales growth of SIEM systems (according to IDC).

The company has ensured cybersecurity for major events such as:

2013 — World Summer Universiade in Kazan;
2014 — Sochi Olympics;
2018 — FIFA World Cup;
2018 — Russian Presidential Election;
2019 — World Winter Universiade in Krasnoyarsk;
2020 — Constitutional Amendments Voting;
2024 — Phygital Games in Kazan.

Positive Technologies is known to the global community as a visionary and leader in ethical security research. Annually, the company’s specialists discover hundreds of zero-day vulnerabilities in IT systems of various classes and types, including products by Cisco, Citrix, IBM, Intel, Microsoft, and VMware. For discovering critical vulnerabilities, our experts have been recognized in the Halls of Fame of companies such as Adobe, Apple, AT&T, GitLab, Google, IBM, Mastercard, Microsoft, PayPal, VK, and Yandex. Information about all discovered vulnerabilities is provided to software vendors under the responsible disclosure policy and is not published until vendors release the corresponding update.

The Positive Technologies team knows much about information security and gladly shares its expertise with others:

  • For 14 years, it has been organizing its own international festival Positive Hack Days — the largest information security event in Russia and CIS. The company engages people from around the world who care about cybersecurity, including IT and security experts, business leaders, government representatives, white hat hackers, security researchers, students, and schoolchildren. PHDays Fest features hundreds of presentations, workshops, and practical competitions on analyzing the security of industrial control systems, banking services, mobile communications, and web applications. In 2023, the festival was held for the first time as an open urban cybersecurity festival, uniting security experts, technology developers, and residents and guests of Moscow;
  • It develops educational programs for leading universities and helps train top-tier specialists from their student years: materials prepared by company experts under the Positive Education program are used by over 65 Russian universities;
  • It organizes the world’s largest cyber battle, Standoff, bringing together the best specialists in offense and defense from Russia and abroad. The testing ground recreates production chains, business scenarios, and technological landscapes typical for companies across industries, while exploring possibilities of unacceptable events and their prevention.

Products, Solutions, and Services of Positive Technologies

Over more than 23 years of operation, the company has developed a visionary approach to creating its solutions. Positive Technologies meta-products are transforming the industry and radically improving the security of companies, and through them — sectors and states. Thus, effective cybersecurity becomes accessible to any organization worldwide.

When developing solutions, Positive Technologies relies on years of practice and unique knowledge from its research center — one of the largest in the world. It employs white hat hackers researching the security of various systems and cybersecurity experts investigating real incidents and understanding attacker methods.

Positive Technologies' portfolio includes over a dozen high-tech products. They enable:

  • Stopping hackers automatically with just one person;
  • Monitoring infrastructure security and promptly finding vulnerabilities;
  • Detecting security incidents in infrastructures of any scale, including closed industrial systems;
  • Detecting attacks in companies' internal and external traffic;
  • Protecting web applications from sophisticated attacks;
  • Discovering vulnerabilities and errors in applications and supporting secure development processes;
  • Detecting and repelling targeted and mass attacks using modern malware;
  • Responding to cyber threats both at endpoints and across infrastructure by correlating events and context from multiple security systems.

Based on Positive Technologies' product line, several solutions have been developed that draw on accumulated experience in protecting businesses across various domains and take into account the specifics of international security standards. In particular, the company offers solutions for:

  • Building distributed cybersecurity systems;
  • Establishing SOCs, including in small infrastructures;
  • Early detection of sophisticated threats;
  • Protecting web applications.

Additionally, the company provides maintenance and consulting services in cybersecurity: continuous business security analysis, detection of complex incidents, response and investigation, and monitoring of corporate system security.

Meta-products

MaxPatrol O2 is a meta-product that enables just one person to detect and stop attacker actions automatically, with measurable effect. It addresses the severe shortage of qualified personnel in the industry and helps protect organizations worldwide.

Product Portfolio

MaxPatrol VM is a system for establishing vulnerability management processes and monitoring company IT infrastructure security. The product collects, updates, and stores complete asset information, identifies new vulnerabilities on nodes based on this data, and provides users with information about them, including knowledge about trending and most critical vulnerabilities (those needing immediate patching).

MaxPatrol SIEM is an information security event monitoring system. It is continuously updated with expert knowledge about detecting current threats and adapts to changes in protected networks. In 2020, MaxPatrol SIEM sales grew by 85%. As a result, the company became one of the top three global vendors with the highest annual SIEM solution sales growth. According to IDC Global research, Positive Technologies is the only Russian vendor in the top 20 of the global SIEM market (2021).

PT Network Attack Discovery is a deep network traffic analysis (NTA) system for detecting perimeter and internal network attacks. Provides visibility into network activity, detects attacker actions including in encrypted traffic, and assists investigations.

PT Sandbox is a sandbox protecting company infrastructure from targeted and mass attacks using malware and zero-day exploits. It checks incoming files and links in an isolated virtual environment, determines their maliciousness or legitimacy, and blocks threats.

PT XDR is a solution for detecting sophisticated cyber threats and responding to them. It collects and analyzes disparate data from multiple systems, enables detecting hacker actions in any infrastructure, and automatically responds to attacks. It is based on the Positive Technologies product ecosystem and uses unique expert threat knowledge for attack detection.

PT ISIM is an industrial control system (ICS) network traffic analysis system. It helps find traces of information security violations in technological networks, detect cyberattacks early, identify malware activity and unauthorized personnel actions (including malicious ones), and ensure compliance with legal requirements.

PT Application Firewall is a web application layer firewall. It is designed to protect organizational web resources from cyberattacks (L7 DDoS attacks and zero-day attacks), as well as threats from the OWASP Top 10 and WASC lists. Gartner Magic Quadrant Visionary.

PT Application Inspector is a tool for detecting application vulnerabilities. Its operation combines static (SAST), dynamic (DAST), interactive (IAST) methods and third-party component analysis (SCA). Enables security specialists to identify and confirm vulnerabilities in source code, and helps developers fix code faster during early development stages.

PT MultiScanner is a virus threat protection system. Detects malware, blocks its spread in infrastructure, and identifies hidden malware presence.

MaxPatrol 8 is a system for assessing IT infrastructure security. Helps determine security process effectiveness and ensures compliance with standards.

XSpider is a vulnerability scanner for assessing company network security levels. Checks workstations, servers, network devices, and web applications. Examines nodes without pre-installed agents.

PT BlackBox is an application security scanner using black-box methodology. Provides remediation recommendations. Simplifies R&D specialists' work.

Service Portfolio

Services for detecting complex incidents, responding to and investigating them, as well as monitoring corporate system security are provided by the Positive Technologies Expert Security Center (PT Expert Security Center, PT ESC). Security services based on PT ESC products have proven effective during expert support for the 2014 Sochi Winter Olympics and 2018 FIFA World Cup: specialists helped repel 38,000 cyberattacks on transport directorate services.

Continuous business security analysis — Positive Technologies services for analyzing business protection against cyber threats. They help continuously assess a company's vulnerability to malicious actions, promptly prevent attacks, and eliminate their consequences. The service spectrum includes three areas: Pentest 360, APT emulation, and red team vs. blue team.

Hardware solution vulnerability and threat research — services by the Positive Technologies expert team that help eliminate security risks related to hardware platform vulnerabilities.