Overview
Detects the important threats
MaxPatrol SIEM "gets smarter" all the time thanks to expertise packs supplied by the Knowledge Base component, helping users to detect attacker tactics, techniques, and procedures before serious consequences happen.Reduces the burden on in-house experts
Rules included in expertise packs do not require painstaking adjustments and are ready to use after simple configuration.Gives 360º visibility into infrastructure
IT infrastructure becomes transparent to security staff: with inventory technology from the MaxPatrol vulnerability and compliance management system, MaxPatrol SIEM fully enumerates assets and security gaps. Data is collected actively and passively from over 300 types of systems.
Detection of malicious activity in traffic
02
MaxPatrol NAD Sensor provides full network visibility. This component analyzes network traffic in depth, passively collects data about assets, and detects attacks. The component notifies in real time about attackers’ attempts to expand their presence in infrastructure, steal data, exploit vulnerabilities, use hacker tools, or contact C2 servers.
Up-to-the-minute knowledge
03
The Positive Technologies Expert Security Center and R&D team monitor and perform research into new threats. Their know-how is regularly made available in expertise packs from Knowledge Base. Expertise packs contain new rules, updated parameters for collection and incident handling, response recommendations, and reputation lists. Packs are automatically provided to MaxPatrol SIEM in order to detect threats before serious consequences arise.
Correlation rules (included in expertise packs) can be easily customized to fit infrastructure. We provide detailed instructions and whitelists, which are prepopulated based on experience with real infrastructures.
04
Key benefits
Stay on top of changes in infrastructure
05
MaxPatrol SIEM accurately identifies IT assets even in a shifting landscape. Asset groupings adapt to the latest network changes. With these features, it's easy to configure correlation rules for keeping an eye on systems that have outdated software or particular vulnerabilities.
Advantages
Regularly updated for better threat detection
Every two months, MaxPatrol SIEM is updated with expertise packs containing new correlation rules, indicators of compromise, and playbooks.Fast development
With two releases a year, we regularly introduce new technologies and constantly expand our product development team.Lower threshold for entering a SIEM world
With each release of MaxPatrol SIEM, we boost efficiency for experts—and reduce the barrier to SIEM entry for novices.
Add event sources for free
08
During deployment, we connect business systems to MaxPatrol SIEM free of charge—even business systems that are esoteric or custom-developed.
Get in touch
will contact you shortly