Today starts an online hackathon organized by the MaxPatrol VM Positive Technologies team. Participants will develop vulnerability detection rules. There were no restrictions on the participation of PT employees, so I also applied and will share my impressions in the Telegram channel. 😏 I am very exited. 🤩
IMHO, involving the community in the development of security content is exactly what will radically improve the completeness and quality of vulnerability/misconfiguration detection in VM products. And that is the very essence of these products.
I watched the recording of the Positive Technologies webinar “How to use MaxPatrol VM API: theory and practice“. On the theoretical part, everything is clear: there is a documented API; it is the same for integrations and Web GUI. 🙂
On the practical side they showed:
🔻 How to use the MaxPatrol API in the Nightingale REST client (examples on GitHub). 🔻 Unofficial PTVM SDK. A small Python script with one class for working with the MaxPatrol API. 🔻 Positive CLI for MaxPatrol API. So, automation can be done simply with shell scripts! 😇 A much more functional project than the SDK, also in Python. The screenshots show the vulnerabilities with criticality calculated using FSTEC methodology and trending vulnerabilities with an exploit. 🔻 How to use the MaxPatrol API in the low-code tool n8n (e.g. sending query results to Telegram).
CISO Forum 2022: the first major Russian security conference in the New Reality. Hello everyone! After a two-year break, I took part in Moscow CISO Forum 2022 with a small talk “Malicious open source: the cost of using someone else’s code”.
CISO Forum is the first major Russian conference since the beginning of The New Reality of Information Security (TNRoIS). My presentation was just on this topic. How malicious commits in open source projects change development and operations processes. I will make a separate video about this (upd. added Malicious Open Source: the cost of using someone else’s code). In this episode, I would like to tell you a little about the conference itself.
MaxPatrol VM: An Ambitious Vision for Vulnerability Management Transformation. In this episode, I would like to share my thoughts about the new Vulnerability Management product by Positive Technologies – MaxPatrol VM. It was presented on November 16th, at the Standoff365 online conference (full video in Russian). The presentation and concept of the product were very good. I really liked them. However, as it always happens on vendor’s events, some critical topics were not covered. So I also want to highlight them. I will try to be as objective as possible. Although it is difficult for me, since I have worked in the company for 6 years, and many of my good friends work there.
Positive Technologies is best known in the Russian Vulnerability Management market. The volume of the Russian VM market in 2019 is $40-46 million. The volume of the world market, according to IDC, is $1.2 billion. So the Russian market is ~3% of the world market. And 78% of it is occupied by Positive Technologies products: Maxpatrol 8 and XSpider. Disclaimer: all numbers are from the Maxpatrol VM presentation and I haven’t done fact checking. But in this case, the numbers are not so important.
This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.
