Defending Government Web Resources: How Lipetsk Region is Using AI-Driven Security to Thwart Cyberattacks

Since 2019, Lipetsk Region has relied on Positive Technologies’ PT Application Firewall (WAF) and PT Application Inspector (SAST/DAST), equipped with machine learning models to detect threats and vulnerabilities, to safeguard its government web resources.

Reducing Cyberattack Risk

On average, Lipetsk’s government systems face more than 500,000 attacks per week. The Positive Technologies stack has proven effective at repelling intrusion attempts. Authorities say PT Application Firewall was selected for its advanced capabilities: blocking targeted and mass attacks, OWASP Top 10 vulnerabilities, and zero-day threats. The solution automatically identifies vulnerabilities and prevents their exploitation.

The system now protects dozens of assets, including the official regional government portal, department websites, tech support sites, Bitrix-based resources, and a data center certified for Critical Information Infrastructure (CII) systems.

For citizens, this translates into more stable and accessible digital services. For the region, it means reduced cyber risk, especially during high-traffic periods like holidays or election days. In spring 2022, during a massive wave of cyberattacks on Russian organizations, the system held firm.

Globally, this serves as an example of effective DevSecOps and ML integration in the public sector.

Scaling to Other Regions

While Russian ML-powered solutions remain primarily for domestic use, Lipetsk’s approach could be a blueprint for other regions. Positive Technologies supports customers with integration, training, and implementation methodology. One competitive edge is the solution’s seamless integration with existing CI/CD pipelines—Lipetsk’s development team embedded it directly into GitLab without disruption.

Deploying PT Application Inspector reduced the workload of specialists tasked with fixing vulnerabilities, enabling the region’s security team to release and update government applications faster. Combined with PT Application Firewall, it gives them confidence in the cybersecurity of all web application-facing infrastructure

Anton Zhabelenko

Product Director for Application Security at Positive Technologies

Today, PT Application Inspector secures the code of dozens of applications and websites written in Java, JavaScript, C#, and PHP, ensuring vulnerabilities are addressed before release.

AI Security Tools

In the early 2020s, Positive Technologies expanded its portfolio with products like PT Extended Detection and Response (PT XDR) in 2021, designed for rapid threat detection and mitigation across servers and workstations, and MaxPatrol EDR in 2023, which detects malicious actions—even those masquerading as legitimate software—and stops them in real time.

By 2024–2025, AI modules like PentAGI and MaxPatrol’s vulnerability forecasting became standard in the public sector, predicting exploitation likelihood based on multiple parameters and producing a daily “Top 20 Threats” list for security teams.

A Comprehensive, Proactive Approach

Government agencies will always be prime cyber targets, making proactive defense essential. The combination of WAF and SAST with ML analytics delivers resilient web resource protection.

Looking ahead, Lipetsk’s model is likely to expand to other regions and departments. New AI-driven tools, especially those embedded in CI/CD workflows, are expected to strengthen Russia’s domestic cybersecurity market.