MaxPatrol VM

MaxPatrol VM is a next-generation vulnerability management system. The solution allows you to build a full-fledged vulnerability management process and control it during both routine operation and urgent scanning.

VMNG—what's changed?

How to detect and manage vulnerabilities is of concern to any infosec professional, regardless of industry. To address these tasks, companies use security analysis tools. They perform a deep scan of all systems in automated mode to identify vulnerabilities and hardware configuration errors. Nevertheless, issues remain after scanning. To implement vulnerability management, it is also necessary to decide which vulnerabilities are most critical for the infrastructure, what to start with, how to correctly prioritize elimination tasks, and how to assess what actions affect the company’s security level. Next-generation vulnerability management systems are able not only to identify vulnerabilities in good time, but also help to build the entire vulnerability management process.

Product overview

With MaxPatrol VM you can:

Get complete and continuously updated data on the IT infrastructure.
Factor in the significance of protected assets.
Identify, prioritize, and set vulnerability processing rules for the IT department.
Control vulnerability elimination.
Monitor the company’s overall security level.

MaxPatrol VM is based on the unique security asset management (SAM) technology. This allows MaxPatrol VM, using active and passive data collection, to build at any moment a complete and continuously updated model of the IT infrastructure under observation. By understanding the IT environment, the solution adopts and automates vulnerability management across all company systems, taking into account the importance of network components and infrastructure changes.

The MaxPatrol VM interactive dashboard

Interactive dashboards help to track the status and validity of critical asset scans, the appearance of new unassessed network assets, the number of high-severity vulnerabilities, and vulnerability elimination metrics.

How it works

Collects and maintains an up-to-date asset database

MaxPatrol VM collects the most complete intelligence on assets in the database. The database is refreshed and populated by scanning in black- and white-box mode and importing data from various sources: external directories (Active Directory, SCCM, hypervisors) and other infosec solutions (SIEM, NTA). Information is not duplicated and is tied to one specific asset.

Evaluates and classifies assets

Classification of assets by level of importance keeps the focus on priority nodes. The system also reports the appearance of new unassessed assets and potentially significant ones.

Identifies and prioritizes vulnerabilities

Performs deep scanning of the IT infrastructure, identifying vulnerabilities and configuration errors in information system components. Allows vulnerability elimination methods to be set in line with severity levels and other parameters (vendor, OS version, asset on which vulnerabilities were found).

Defines policies

MaxPatrol VM scanning and elimination policies automate the execution of various operations on assets and detected vulnerabilities. For example, you can set a recommended scan schedule or a date for routine processing of vulnerabilities on multiple assets.

Monitors trending vulnerabilities

Positive Technologies provides current vulnerability intelligence. This helps to quickly identify high-severity vulnerabilities in the infrastructure and schedule priority scanning of systems where they might be present.

Controls vulnerability management

MaxPatrol VM tracks the dynamics of regular scans, helping infosec experts to control scan quality. Retrospective analysis makes it possible to assess the vulnerability elimination process and monitor compliance with policies and the level of infrastructure protection.

Application scenarios

Learn about trending vulnerabilities

Positive Technologies selects and reports the most relevant critical vulnerabilities for urgent scanning. Infosec experts will not have to waste time studying external resources—they will already be aware of new dangerous vulnerabilities.

Monitor the security of critical assets

Each asset can be assessed by its level of impact on data confidentiality and integrity and on the performance of business-critical services. This helps to determine how dangerous the detected vulnerabilities are, as well as the time frame for eliminating them. With dashboards, it is easy to track the status and validity of critical network component scans.

Control vulnerability elimination

MaxPatrol VM lets you set vulnerability elimination rules and control their implementation. This allows only the most dangerous vulnerabilities for the specific infrastructure to be processed manually by infosec experts.

Advantages

Passive data collection

MaxPatrol 10 VM integrates with MaxPatrol SIEM and PT NAD, to provide additional asset intelligence and perform vulnerability reassessment.

In-depth understanding of the IT environment

Network transparency is achieved thanks to the unique asset management technology. MaxPatrol VM covers all hosts and systems, maps their configuration and interrelatedness, and monitors data validity.

System customization for your IT environment

MaxPatrol VM allows you to establish the vulnerability management process based on existing systems and their impact on the company as a whole. It helps to fine-tune newly introduced regulations and set the right priorities.

Protection control

The system operator can set scanning and vulnerability management policies. By visually displaying the work of the infosec and IT departments, dashboards help to control the level of infrastructure protection and eliminate vulnerabilities.

Expert support

The product vulnerability database is continuously updated. In addition, Positive Technologies reports the most critical vulnerabilities. You will be immediately informed when an urgent scan of the IT infrastructure is required.

Maximum process automation

Automation tools, such as asset grouping, trigger setting, and policy configuration, enable automatic vulnerability processing. This saves resources and minimizes the influence of the human factor.

Sangfor

PT Security

Seceon