Positive Technologies Conducts Open Cyber-Exercises, Tests MaxPatrol O2 in Battle

The cyber-exercises will be held on Positive Technologies' own infrastructure and can be viewed on Nov. 15 and 16

Positive Technologies has announced its intention to hold open cyber-exercises [1] on its infrastructure on Nov. 15 and 16. Interested parties can go to o2.standoff365.com and watch in real time as intruders probe defenses, see where they are at any particular moment, and evaluate whether they are able to hack the flagship of Russian cybersecurity.

The program builds on the notion that modern business requires change. Currently, there is increasing industry-wide demand for measurable and effective security to ensure that critical risks to companies, industries and countries can never be actualized. As a leader in the Russian information security market, Positive Technologies demonstrates how to implement effective cybersecurity by building defenses based on unacceptable events. The experience gained from these cyber-exercises will be used to further develop the company's metaproducts, in particular MaxPatrol O2, which detects and stops malicious attacks in automatic mode with measurable results, all controlled by just one operator. The metaproduct is designed to address the serious skills shortage in the industry and will help protect businesses around the world, thus making effective cybersecurity available to all companies, industries and even countries.

By opening up the cyber-exercises to a wide audience, Positive Technologies seeks to:

  • Demonstrate firsthand that unacceptable and destructive events can indeed be rendered impossible
  • Create a market precedent for obtaining and measuring cybersecurity results
  • Validate the time-tested methodology for achieving effective cybersecurity, allowing other market participants to use it in building their own protection systems
  • Evaluate the effectiveness of using the MaxPatrol O2 metaproduct in battle conditions: A classic SOC, unveiled by PT Expert Security Center and using Positive Technologies products (MaxPatrol SIEM, PT Application Firewall, MaxPatrol 8, PT ISIM), will operate in parallel with an expert armed with MaxPatrol O2, working in tandem with these same products, which act as sensors covering the target infrastructure. This will determine the metaproduct's ability to detect and repel complex cyberattacks.

At present, Positive Technologies has conducted two stages of closed cyber-exercises, involving first one and then two teams of attackers.

“Today, 99% of companies can be hacked in just a few steps, which means that unacceptable events can occur in any company with an IT infrastructure,” notes Alexey Novikov, Director of PT Expert Security Center. “Events that we determined as unacceptable for us are equally unacceptable for many companies. For example, the theft of funds over a particular amount and stealing of confidential information are threats that affect all industries, while the hacking of contractors through the software supply chain is the bane of vendors worldwide. The open cyber-exercises will be useful for both the infosec industry and the private sector: Our experience can be applied by other companies to raise protection to a new level. We are breaking the existing paradigm by holding open cyber-exercises and giving the whole world the opportunity to observe the progress of hacker attacks on a real company.”

During the open cyber-exercises, the role of Positive Technologies' sparring partner will be played by a highly professional, cross-company team of infosec researchers, all experts in ethical hacking. Almost every red team project of theirs has proved successful, and they all have experience in finding zero-day vulnerabilities. The attackers' task is to actualize various events in the infrastructure that Positive Technologies defines as unacceptable. Moreover, there are practically no restrictions on the offensive team, which clearly distinguishes this format from pentests: The attackers can use any technical or social engineering means, and target any infrastructure element at any time of the day, regardless of the working hours of the victim company.

“Another equally important result of this project will be public verification of the absolute safety of working with Positive Technologies,” adds Svetlana Ozeretskovskaya, Head of Integrated Solutions Marketing at Positive Technologies. “Eighty percent of our customers are major Russian companies from the Expert-400 list, and it is vital for them to know their partner company can be trusted with their data. Open cyber-exercises, in my opinion, are the most honest way to demonstrate this.”

Positive Technologies plans to conduct its next open exercises in Q1 2022 and, just like now, give the whole world the opportunity to monitor the proceedings online.

  1. Cyber-exercises are controlled attacks designed to assess and improve infosec experts' ability to detect and respond to cyberattacks.