PT MaxPatrol

Vulnerability and compliance management system. Pentesting, auditing, and compliance testing combined with analysis of operating systems, databases, and web apps. Continuous monitoring of security at all levels of information infrastructure. One of the world's largest regularly updated vulnerability knowledge bases.

Key Features

  • All-in-one solution ensures consistent results

Small footprint: assessing vulnerabilities and configuration errors does not require installing agents on remote systems or providing elevated privileges. Regular use of the system and network is not interrupted. MaxPatrol leads the industry in lowest number of false positives.

  • Multilevel reporting tells the whole story

Get reporting that gives a full picture of the real level of protection all across the corporate IT infrastructure.

  • Presets ease compliance

Applying the security policies built in to MaxPatrol makes it easy to check system compliance with official and industry standards (ISO 27001/27002, SOX, PCI DSS, NIST, CIS). Set special policies to monitor compliance with in-house corporate security rules.


Key Benefits

MaxPatrol has the power of the XSpider vulnerability scanner at its core. The monitoring mechanisms present in XSpider have been enhanced and extended with database security and system verification modules. Information on the state of network security and possible threats is always up-to-the-minute, thanks to the combination in a single product of network and system scanners with database and web app verification mechanisms.

The high-performance network scanner in MaxPatrol quickly and effectively detects network nodes and open ports, and identifies operating systems and server applications. Because of the system's distributed architecture, the scanner module can be located close to scan objects for maximum bandwidth efficiency.

Heuristic analysis pinpoints vulnerabilities in network services and apps. MaxPatrol requires a minimum of privileges for penetration testing, replicating the conditions that a real-life hacker would have to face when attempting to access the network. Expertly designed smart algorithms and vulnerability detection mechanisms, which have been proven in independent testing, carefully recreate the likely actions of actual attackers. This identifies errors in system configuration and allows detecting new, currently unknown vulnerabilities in network applications.

With remote access, the scanning module can perform a deep scan of device vulnerabilities at the OS and application level. This method is a resource-efficient way of getting a comprehensive security overview and analyzing settings that cannot otherwise be tested by pentesting.

The knowledge base includes system verification checks for common Windows, Linux, and Unix operating systems. Verification checks also cover network devices such as routers, switches, and firewalls (including Cisco IOS, Cisco PIX, and Cisco ASA).

Unlike traditional system scanners, MaxPatrol does not require deploying software modules on network devices. This simplifies protection and reduces the total cost of ownership. All verification checks are performed remotely via built-in remote administration mechanisms. When multiple protocols are supported by a device (such as Telnet and SSH), MaxPatrol selects the most secure method to ensure that sensitive data is protected at all times.

Assessing Protection Level

  • Proactive protection of corporate resources with automatic infosec monitoring

  • Automated verification of compliance with industry and international standards

  • Evaluation of IT and infosec effectiveness via extensible set of security metrics and KPIs

  • Reduced costs for audits, protection level evaluation, and preparation of IT/infosec projects

  • Automated inventory, vulnerability management, verification of security policy compliance, and change monitoring

  • 360º analysis of complex systems, including Cisco equipment; Windows, Linux, and Unix systems; Microsoft SQL and Oracle databases; network applications, and in-house web services

  • Built-in support for key standards: SOX, PCI DSS, NIST, CIS

  • Maximum process automation: lower labor costs and faster reaction to protection changes

  • Knowledge base maintained by professional, industry-recognized consultants


Contact us

©2018 by CoreSec Distribution.

Visit CoreSec Consulting website: