Positive Technologies: Products and Services

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on Industrial Control System, Banking, Telecom, Web Application, and ERP security, supported by recognition from the analyst community.

State-of-the-art solutions are developed at Positive Research, the company's flagship research center and one of the largest in Europe. Positive Research experts have helped to identify and fix over 250 zero-day vulnerabilities in products from Cisco, Google, Honeywell, Huawei, Microsoft, Oracle, SAP, Schneider Electric, Siemens, and others, earning a reputation for world-class expertise in protection of devices and infrastructures at all scales from ATMs to nuclear power stations.

Findings by Positive Research are used for updating the MaxPatrol knowledge base and for development of security solutions including PT Application Firewall, PT Application Inspector, MaxPatrol Vulnerability and Compliance Management Solution, PT ISIM, PT MultiScanner and SS7 Attack Discovery. These products allow securing web applications, evaluating network protection, blocking attacks in real time, ensuring compliance with industry and national standards, and training security specialists. In 2015 and in 2016, the company was rated a Visionary in the Gartner Magic Quadrant for Web Application Firewalls (WAF).

Positive Technologies is the organizer of the annual Positive Hack Days international forum and security competition, in which over 4,000 experts take part every year.

Company specialists actively participate in organizations dedicated to information security (CEH, CIS, ISACA, Web Application Security Consortium), publish their works in various magazines devoted to practical information security, and regularly speak at major IS international conferences, including: Black Hat USA, CanSecWest, FIRST Annual Conference, HackInParis, Hack In The Box, ITSF, Microsoft Security Briefing, Nullcon, POC, Positive Hack Days, SAS, ZeroNights and others.

All Positive Technologies solutions are designed from the ground-up with industry-specific knowledge of how to protect business and a firm grasp of regulatory requirements. Company specialists lend their expertise to the standards-writing process to strengthen security requirements. Our products are compliant with a wide range of international security standards, including PCI DSS.

MaxPatrol — vulnerability and compliance management system. Pentesting, auditing, and compliance testing combined with analysis of operating systems, databases, and web apps. Continuous monitoring of security at all levels of information infrastructure. One of the world's largest regularly updated vulnerability knowledge bases.

PT Application Firewall — PT Application Firewall is a smart protection solution based on advanced technologies and ongoing global research. It provides proactive and continuous protection for your internet-accessible applications against both known and unknown attacks, including the OWASP Top 10, automated and client-side attacks, and zero-days.

PT Application Inspector — PT Application Inspector protects web applications of every scale: from landing pages and corporate portals to commerce, cloud services, and e-government systems. This multipurpose tool detects vulnerabilities and signs of undocumented features at each stage of the web application lifecycle.

PT ISIM — PT Industrial Security Incident Manager detects hacker attacks on ICS/SCADA systems and helps to investigate cybersecurity incidents at critical sites. Without interrupting normal operations, PT ISIM works in parallel to analyze a copy of network traffic, pinpoints relationships between security events, and shows easy-to-understand visualizations of potential attacks in the context of network topology and site layout.

PT SS7 Attack Discovery — PT SS7 Attack Discovery (PT SS7 AD) offers carriers the ability to rapidly detect, identify, and analyze attacks on their SS7 networks. And, unlike existing SS7 firewalls, it has no negative impact on mobile services.

PT MultiScanner — for maximum speed and accuracy in threat detection, PT MultiScanner performs multithreaded scanning combining several of the most popular anti-virus engines, along with other methods, including retrospective analysis of malicious file actions and reputation services.

Thanks to 14 years of experience in large-scale penetration testing and source code analysis, our experts have enormous experience with vulnerabilities in areas as diverse as telecoms systems, e-banking, ERP, and ICS/SCADA. We know the real-world methods that hackers use, so we can offer the most effective solutions for assessing client security and the most robust protection solutions.

As for providing consulting services, the Positive Technologies group is an expert in information security comprehensive audit, applications and web systems security assessment, incident investigation at critical infrastructures, penetration testing, and deployment of security monitoring processes.

Facts and Figures