Positive Technologies: Products and Services

Positive Technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to clients and research has earned Positive Technologies a reputation as one of the foremost authorities on industrial control system, banking, telecom, web application, and ERP security, supported by recognition from the analyst community.

State-of-the-art solutions are developed at the company's research center—one of the largest in Europe. Positive Technologies experts have helped to identify and fix over 250 zero-day vulnerabilities in products from Cisco, Google, Honeywell, Huawei, Microsoft, Oracle, SAP, Schneider Electric, Siemens, and others, earning a reputation for world-class expertise in protection of devices and infrastructures at all scales from IoT devices and ATMs to nuclear power stations.

Findings by Positive Technologies researchers are used for updating the MaxPatrol knowledge base and for development of security solutions including PT Application Firewall, PT Application Inspector, MaxPatrol Vulnerability and Compliance Management Solution, PT ISIM, PT MultiScanner and PT Telecom Attack Discovery. These products allow securing web applications, evaluating network protection, blocking attacks in real time, ensuring compliance with industry and national standards, and training security specialists. For three years in a row the company was rated a Visionary in the Gartner Magic Quadrant for Web Application Firewalls (WAF).

Positive Technologies is the organizer of the annual Positive Hack Days international forum and security competition, in which thousands of participants take part every year.

Company specialists actively participate in organizations dedicated to information security (CEH, CIS, ISACA, Web Application Security Consortium, OWASP), publish their works in various magazines devoted to practical information security, and regularly speak at major IS international conferences, including: Black Hat USA, CanSecWest, FIRST Annual Conference, Hack In Paris, Hack In The Box, ITSF, Microsoft Security Briefing, Nullcon, POC, Positive Hack Days, SAS, ZeroNights.

All Positive Technologies solutions are designed from the ground-up with industry-specific knowledge of how to protect business and a firm grasp of regulatory requirements. Company specialists lend their expertise to the standards-writing process to strengthen security requirements. Our products are compliant with a wide range of international security standards, including PCI DSS.

MaxPatrol — vulnerability and compliance management system. Pentesting, auditing, and compliance testing combined with analysis of operating systems, databases, and web apps. Continuous monitoring of security at all levels of information infrastructure. One of the world's largest regularly updated vulnerability knowledge bases.

PT Application Firewall — PT Application Firewall (PT AF) is a smart protection solution based on advanced technologies and ongoing global research. It provides proactive and continuous protection for your internet-accessible applications against both known and unknown attacks, including the OWASP Top 10, automated and client-side attacks, and zero-days.

PT Application Inspector — PT Application Inspector protects web applications of every scale: from landing pages and corporate portals to commerce, cloud services, and e-government systems. This multipurpose tool detects vulnerabilities and signs of undocumented features at each stage of the web application lifecycle.

PT ISIM — PT Industrial Security Incident Manager detects hacker attacks on ICS/SCADA systems and helps to investigate cybersecurity incidents at critical sites. Without interrupting normal operations, PT ISIM works in parallel to analyze a copy of network traffic, pinpoints relationships between security events, and shows easy-to-understand visualizations of potential attacks in the context of network topology and site layout.

PT Telecom Attack Discovery — PT Telecom Attack Discovery (PT TAD) delivers targeted protection to SS7 and Diameter signaling networks. Combining rapid detection of all threat types with instant incident response, PT TAD can replace or work alongside your existing signaling firewall. PT Telecom Attack Discovery prevents breaches of personal data, call and SMS interception, subscriber location tracking, signaling fraud, and denial of service attacks.

PT MultiScanner — as a multistream malware detection system, PT MultiScanner finds threats with dramatically increased precision and speed by combining multiple anti-virus engines and supplementing them with other detection methods, including static analysis, and blacklists provided by Positive Technologies.

Thanks to 15 years of experience in large-scale penetration testing and source code analysis, our experts have enormous experience with vulnerabilities in areas as diverse as telecoms systems, e-banking, ERP, and ICS/SCADA. We know the real-world methods that hackers use, so we can offer the most effective solutions for assessing client security and the most robust protection solutions.

As for providing consulting services, the Positive Technologies group is an expert in information security comprehensive audit, applications and web systems security assessment, incident investigation at critical infrastructures, penetration testing, and deployment of security monitoring processes.

Facts and Figures