
MaxPatrol Carbon

Product
Developers: Positive Technologies
Last Release Date: 2025/09/26
Branches: Information security
Technology: Information Security - Information Leakage Prevention, Information Security Management (SIEM)


2025: MaxPatrol Carbon 25.6

On September 29, 2025, Positive Technologies presented MaxPatrol Carbon 25.6, an updated version of its system for automatically identifying potential cyber attack routes and proactively managing cyber resilience.


According to the company, after the first deployments the meta-product is proving its effectiveness in practice and is steadily developing toward support for infrastructures of varied composition and scale, and toward faster and more accurate identification of the key measures for proactively improving a company's security. Other important changes include a wider range of modeled attacker actions inside the infrastructure, a different approach to prioritizing threats, and recommendations for strengthening network security and controlling account privileges.

"In the updated version of MaxPatrol Carbon, we focused on the development of expert content. The product automatically simulates multi-stage cyber attacks on the company's critical systems. This allows you to proactively identify and eliminate the fastest and most dangerous ways of developing attacks, depriving hackers of the chance to cause unacceptable damage to the company. The variability of routes has grown, and, most importantly, they often include those that IT and information security specialists are not even aware of," said Mikhail Pomzov, Managing Director of Positive Technologies.

The product was updated based on user feedback. The results of the first deployments confirm the effectiveness of the approach: the solution identifies the most critical weaknesses, and fixing them first lets information security and IT teams cut by a factor of four the labor needed to raise the level of protection against unacceptable events. This is achieved by prioritizing tasks accurately and concentrating effort on key measures.

The number of combinations of attacker tactics and techniques that the system takes into account when building routes increased by 58% compared to the previous release. In particular, MaxPatrol Carbon 25.6 models the possibility of stealing credentials through a Kerberoasting attack or obtaining them from the Active Directory database (ntds.dit). This attack on the Kerberos authentication protocol, in which domain users' passwords can be compromised, is dangerous because it does not require domain administrator privileges, is very simple to execute and is almost impossible to detect. The NTDS component stores password hashes in addition to data on users, groups and computers, and can therefore be a target for attackers. MaxPatrol Carbon also models the ability to connect to the Active Directory Key Distribution Center server, exploit vulnerabilities in the infrastructure, and compromise endpoints.

MaxPatrol Carbon provides recommendations on security compliance, network segmentation and account management that help, among other things, to avoid granting excessive privileges. By following the proposed critical measures, companies can significantly reduce an attacker's capabilities in the infrastructure and make it harder to develop an attack. Where legitimate connection methods cannot be excluded completely, MaxPatrol Carbon helps make it as difficult as possible for hackers to advance, so that SOC teams gain additional time both to identify suspicious activity and to respond to it.

The product takes an updated approach to prioritizing threats: along with the number of steps on an attack route, it also analyzes their complexity and duration (the time it takes an attacker to reach the target system). Automatic ranking of potential cyber threats is even more accurate, so information security and IT specialists can focus on the most important tasks: eliminating the most dangerous routes and implementing priority recommendations.

Version 25.6 has been optimized for scale and is suitable for large infrastructures with more than 20,000 assets. The redesigned network topology analysis engine has optimized the creation of digital models: as of September 2025, it supports most of the network devices popular on the Russian market. Modeling potential attacker routes takes from 30 minutes to several hours, depending on the composition of the infrastructure. MaxPatrol Carbon thus provides a prompt and comprehensive assessment of the current state of security.

In addition, working with the system has become easier and more convenient. For example, the release adds automatic detection of target systems with typical risk realization scenarios, as well as detailed visualization of attack routes that can be exported to PNG or XLSX. Specialists can also create reports on the recommendations implemented and analyze the number and severity of routes to target systems, and so always have a clear idea of the company's current level of cyber resilience.

Since its commercial launch, MaxPatrol Carbon has undergone significant technological and expert development, and its first deployments have confirmed the effectiveness of proactively managing not only vulnerabilities but all sources of threats in the infrastructure.