VM: the next generation
01
How to detect and manage vulnerabilities is a top priority for any infosec professional. Across industries, these professionals use security analysis tools to perform a deep scan of all systems in automated mode, identifying vulnerabilities and hardware configuration errors. Nevertheless, issues remain after scanning. For effective vulnerability management, it is necessary to decide which of these remaining issues are the most critical for the infrastructure, how to correctly prioritize elimination tasks, and how to assess what actions affect the company's security level. Next-generation vulnerability management systems are able not only to identify vulnerabilities quickly, but also help build the entire vulnerability management process.
Overview
02
MaxPatrol VM is a next-generation vulnerability management system. The solution allows you to build a full-fledged vulnerability management process and control it during both routine operation and urgent scanning.
With MaxPatrol VM you can:
- Get complete and continuously updated data on the IT infrastructure.
- Factor in the significance of protected assets.
- Identify, prioritize, and set vulnerability processing rules for the IT department.
- Control vulnerability elimination.
- Monitor the company’s overall security level.
MaxPatrol VM is based on the unique security asset management (SAM) technology. This allows MaxPatrol VM, using active and passive data collection, to build at any moment a complete and continuously updated model of the IT infrastructure under observation. By understanding the IT environment, the solution adopts and automates vulnerability management across all company systems, taking into account the importance of network components and infrastructure changes.
Interactive dashboards help to track the status and validity of critical asset scans, the appearance of new unassessed network assets, the number of high-severity vulnerabilities, and vulnerability elimination metrics.
03
How it works
Collects and maintains an up-to-date asset database
MaxPatrol VM collects the most complete intelligence on assets in the database. The database is refreshed and populated by scanning in black- and white-box mode and importing data from various sources: external directories (Active Directory, SCCM, hypervisors) and other infosec solutions (SIEM, NTA). Information is not duplicated and is tied to one specific asset.
Evaluates and classifies assets
Classification of assets by level of importance keeps the focus on priority nodes. The system also reports the appearance of new unassessed assets and potentially significant ones.
Identifies and prioritizes vulnerabilities
MaxPatrol VM performs deep scanning of the IT infrastructure, identifying vulnerabilities and configuration errors in information system components. It also allows vulnerability elimination methods to be set in line with severity levels and other parameters (vendor, OS version, and the asset on which vulnerabilities were found).
Defines policies
MaxPatrol VM scanning and elimination policies automate the execution of various operations on assets and detected vulnerabilities. For example, you can set a recommended scan schedule or a date for routine processing of vulnerabilities on multiple assets.
Monitors trending vulnerabilities
Positive Technologies provides current vulnerability intelligence. This helps to quickly identify high-severity vulnerabilities in the infrastructure and schedule priority scanning of systems where they might be present.
Controls vulnerability management
MaxPatrol VM tracks the dynamics of regular scans, helping infosec experts to control scan quality. Retrospective analysis makes it possible to assess the vulnerability elimination process and monitor compliance with policies and the level of infrastructure protection.
04
Use scenarios
Positive Technologies selects and reports the most relevant critical vulnerabilities for urgent scanning.
Infosec experts will not have to waste time studying external resources—they will already be aware of new dangerous vulnerabilities.
Each asset can be assessed by its level of impact on data confidentiality and integrity and on the performance of business-critical services. This helps to determine how dangerous the detected vulnerabilities are, as well as the time frame for eliminating them. With dashboards, it is easy to track the status and validity of critical network component scans.
MaxPatrol VM lets you set vulnerability elimination rules and control their implementation. This allows only the most dangerous vulnerabilities for the specific infrastructure to be processed manually by infosec experts.
05
Extra materials
Advantages
06
Passive data collection
MaxPatrol 10 VM integrates with MaxPatrol SIEM and PT NAD to provide additional asset intelligence and perform vulnerability reassessment.
In-depth understanding of the IT environment
Network transparency is achieved thanks to the unique asset management technology. MaxPatrol VM covers all hosts and systems, maps their configuration and interrelatedness, and monitors data validity.
System customization for your IT environment
MaxPatrol VM allows you to establish the vulnerability management process based on existing systems and their impact on the company as a whole. It helps to fine-tune newly introduced regulations and set the right priorities.
Protection control
The system operator can set scanning and vulnerability management policies. By visually displaying the work of the infosec and IT departments, dashboards help to control the level of infrastructure protection and eliminate vulnerabilities.
Expert support
The product vulnerability database is continuously updated. In addition, Positive Technologies reports the most critical vulnerabilities. You will be immediately informed when an urgent scan of the IT infrastructure is required.
Maximum process automation
Automation tools, such as asset grouping, trigger setting, and policy configuration, enable automatic vulnerability processing. This saves resources and minimizes the human factor.
Get in touch
will contact you shortly