Key features MaxPatrol
- Proactive protection of corporate resources through automatic monitoring of information security.
- Automation of compliance process control industry and international standards.
- Evaluating the effectiveness of information security and IT departments using an extensible set of safety metrics and KPI.
- Reducing the cost of audit and control security, training of IT and information security projects.
- Process Automation resource inventory, vulnerability management, security policy compliance monitoring and change control.
- Comprehensive analysis of complex systems, including network equipment Cisco, Windows platforms, Linux, Unix, Database Microsoft SQL, Oracle, networking applications and Web-based service of its own design.
- Built-in support for key standards such as the Standard ISO / IEC 17799 Standard ISO / IEC 27001, SOX, PCI DSS, NSA, NIST, CIS.
- Maximum process automation reduces labor costs and allows you to quickly monitor the status of security systems.
- Support Knowledge Base team of professional consultants, recognized industry experts.
MaxPatrol and ASU TP
The popular system Siemens SIMATIC WinCC specialists Positive Research found more than 50 vulnerabilities, including security flaws, as different vulnerabilities on the client side (XSS, CSRF), the introduction of SQL / XPath, read arbitrary files, the disclosure of user names and passwords, weak encryption and hard-coded encryption keys.
Some vulnerabilities have been quickly shut down by the manufacturer, to eliminate the other continues to operate Siemens Product CERT.
All new data has been entered in the system security controls and compliance MaxPatrol standards. It appeared SIMATIC WinCC configuration standard definition components have been implemented different automation systems manufacturers, support ModBus protocol, S7, DNP3, OPC.
Features MaxPatrol for APCS
- Search PLC / SCADA / MES vulnerabilities
- Built-in (safe) profiles for SCADA
- Проверки HMI Kiosk mode
- Checks Internet access
- Black / White list
- Antivirus / HIPS checks
- configuration analysis ACS software components Checking the integrity of configuration control and analysis of compliance with control standards (regulations, internal requirements) Access Control