MaxPatrol VM

MaxPatrol VM lets you build a full-fledged vulnerability management process and monitor the security of the IT infrastructure at all times.

MaxPatrol VM is based on the unique security asset management (SAM) technology. This allows MaxPatrol VM to collect data in active and passive mode, identify assets by multiple parameters, and use them to build an up-to-date model of the IT infrastructure. In this way, the solution shows what the protected IT environment looks like. Infosec experts can then adopt and automate the vulnerability management process, assessing the importance of network components for business processes and covering all company systems with due regard to infrastructure changes.

MaxPatrol VM separates asset intelligence and vulnerability identification. The solution remembers the results of previous asset scans, on which basis it automatically calculates the applicability of a new vulnerability to network nodes. This detects new vulnerabilities without additional scanning, enabling a much faster response by initiating immediate elimination or compensatory measures.

To make it easier to monitor the level of infrastructure security, MaxPatrol VM provides interactive dashboards. These help to track the status and validity of critical asset scans, the appearance of new unassessed network assets, the number of high-severity vulnerabilities, and vulnerability elimination metrics.



Continuously updates data related to IT infrastructure. MaxPatrol VM uses active and passive data collection to obtain full information.

Automates asset management. MaxPatrol VM automatically identifies assets, allowing you to assess their importance, assign them to groups, and control scanning and obsolescence.

Detects and prioritizes vulnerabilities. MaxPatrol VM leverages the continuously updated knowledge base in assessing the level of asset protection.

Establishes the vulnerability management process. Allows you to set scanning and vulnerability elimination policies and ensure compliance.

Monitors trending vulnerabilities. The PT expert team delivers up-tothe-second intelligence on critical vulnerabilities.


With MaxPatrol VM you can: 

  • Get complete and continuously updated data on the IT infrastructure.
  • Factor in the significance of protected assets.
  • Identify, prioritize, and set vulnerability processing rules.
  • Identify new dangerous vulnerabilities in real time.
  • Control vulnerability elimination and monitor the company's overall security level.



  1. Part of the all-in-one security platform MaxPatrol 10 for deep integration with SIEMand NTA-class products and cross-fertilization of asset intelligence
  2. In-depth understanding of the IT environment due to the unique asset detection technology
  3. Real-time vulnerability identification without rescanning on account of storing asset intelligence
  4. Expert support with notification of high-severity vulnerabilities
  5. Maximum automation of asset protection management and analysis


How it works


MaxPatrol VM collects the most complete asset intelligence. The database is refreshed and populated by scanning in black- and white-box mode and importing data from various sources: external directories (Active Directory, SCCM, hypervisors) and other infosec solutions (SIEM and NTA systems based on event and traffic analysis). The proprietary asset discovery algorithm consolidates intelligence on the same network node, even if obtained from different sources.


Classification of assets by level of importance keeps the focus on priority nodes while tracking new assets as they appear. The system additionally reports unassessed assets as well as potentially significant ones.


MaxPatrol VM performs deep scanning of the IT infrastructure: it detects vulnerabilities and configuration errors in information system components, and allows vulnerability elimination methods to be set in line with severity levels and other parameters (vendor, OS version, asset on which vulnerabilities were found).


MaxPatrol VM scanning and elimination policies automate the execution of various operations on assets and detected vulnerabilities. For example, you can set a recommended scan schedule or a date for routine processing of vulnerabilities on multiple assets.


Current vulnerability intelligence provided by Positive Technologies allows real-time discovery of high-severity vulnerabilities on the infrastructure, plus scheduled priority scanning of systems where they might be present.


MaxPatrol VM tracks the dynamics of regular scans, which helps infosec experts to control scan quality. Retrospective analysis makes it possible to assess the vulnerability elimination process and monitor compliance with policies and the level of infrastructure protection.


About Positive Technologies

Positive Technologies is a leading global provider of information security solutions. Over 2,300 organizations worldwide use technologies and services developed by our company. Positive Technologies is the first and only company in Russia to go public on the Moscow Exchange (MOEX: POSI).

For 20 years, our mission has been to counter hacker actions before unacceptable damage is done to a business or entire industries.

Our new class of solutions—metaproducts—focuses on the results-oriented approach to cybersecurity. Metaproducts detect and stop attacks in automatic mode with the help of just one person. Positive Technologies’ first metaproduct, MaxPatrol O2, automatically detects and prevents attacks before unacceptable damage is done to the company. MaxPatrol O2 can replace the entire team of a security monitoring center, and it only takes one person to manage it; all in all, this protection system requires minimum knowledge and effort from a specialist.

To demonstrate that the results-oriented approach to information security truly works, we conduct cyberexercises (on our own infrastructure as well as others’) and publicly test our products. Our solutions are based on the research experience and expertise of several hundred information security experts.