Gartner® has recently unveiled its Hype Cycle for Security in China, 2024 and NSFOCUS has been recognized as a Sample Vendor across eight security innovations. We believe this is a testament to NSFOCUS’s commitment to innovation and its role as a leading player in the cybersecurity landscape.
The Eight Security Innovations Where NSFOCUS is Recognized:
1. Security Information and Event Management (SIEM)
“SIEM replaces situational awareness because organizations have realized there is no essential difference between situational awareness platforms and SIEM in the Chinese security market”, the report states, “Currently, SIEM in the China market is mostly integrated with capabilities for security orchestration, automation and response.”
NSFOCUS’s Intelligent Security Operations Platform (ISOP) offers entity-based querying and retrieval for data search, supporting threat analysis across multiple points such as network probes, endpoints, and cloud data. It also enables cross-application correlation analysis. The platform’s big data capabilities track, monitor, and maintain AISecOps full-traffic triage machine learning and AI models throughout their lifecycle, ensuring model quality, performance, and reliability. Integrated with SOAR technology, ISOP provides a variety of security automation scenarios, allowing for minute-level automated response capabilities, saving on personnel costs.
2. Attack Surface Management (ASM)
“ASM aggregates asset visibility from other products or services, providing a consolidated view of digital assets, internet-facing systems and any potential digital risks. It improves asset visibility and enables organizations to avoid blind spots and unmanaged technology (such as “shadow IT”). It also supports a continuous threat exposure management (CTEM) program by discovering and prioritizing exposure risks and by helping reduce exploitable exposures to the internet and the public domain”, the report says.
NSFOCUS’s Attack Surface Management solution provides a new approach to risk governance for vulnerabilities, supply chains, and sensitive data through internal and external asset mapping, continuous assessment, and operational closure. It flexibly combines various security product capabilities, integrates product data, and conducts comprehensive analysis of multi-source security data, fundamentally reducing the workload of risk management tasks.
3. Zero Trust Network Access (ZTNA)
“ZTNA logically separates the source user/device from the destination resources to mitigate full network access risks, thus reducing the attack surface for the organization… In China, ZTNA replaces VPN to improve security posture, with data security for remote work under increasingly strict security regulations”, the report states.
NSFOCUS’s Zero Trust Network Access (ZTNA) solution is based on device compliance assessment and user identity authentication. It continuously analyzes and verifies trust relationships to build secure access channels in untrusted networks, reducing and eliminating security risks.
The solution includes five core functional modules: Unified Endpoint Security Management, Zero Trust SDP Access Security Component, Unified Identity Authentication Platform, Zero Trust Secure Desktop Environment, and Zero Trust Analysis and Control Platform. These components establish a comprehensive security detection and protection system for endpoint access to resources and serve as the decision-making center for the entire zero trust system.
4. Breach and Attack Simulation (BAS)
Gartner defines the BAS in the report: “Breach and attack simulation (BAS) technologies enable enterprises to gain better visibility on their security posture weak spots by automating the continuous testing of threat vectors, such as lateral movement and data exfiltration. BAS complements, but cannot fully replace, red teaming or penetration testing. BAS validates the security posture of organizations by testing its ability to detect a portfolio of simulated attacks run from SaaS platforms, software agents and virtual machines (VMs).”
NSFOCUS’s Breach and Attack Simulation (BAS) system conducts automated attack simulations from an attacker’s perspective to test the effectiveness of deployed security protections. It verifies security protections in various scenarios, integrates with security operations, and discovers security weaknesses before attackers, shortening the window of vulnerability and achieving continuous, stable security protection.
5. Software Composition Analysis (SCA)
“Software composition analysis (SCA) products are specialized application security tools that detect open-source software (OSS) and third-party components known to have security vulnerabilities, and identify potentially adverse licensing and supply chain risks. It is an essential element in strategies to ensure an organization’s software supply chain includes secure and trusted components and, therefore, that the strategy aids in secure application development and assembly”, the report states.
NSFOCUS combines Software Composition Analysis (SCA) with Static Application Security Testing (SAST) capabilities, supporting integration with DevOps development processes. It provides a comprehensive solution for identifying open-source component assets, vulnerabilities, and auditing source code defects. It integrates with software version management and defect tracking systems without changing existing development and testing processes, achieving unified management of code security objectives, vulnerability fixing guidance, security audit reports, and composition analysis lists.
6. Security Service Edge (SSE)
As stated in this report: “Digitalization and hybrid work continue to drive the adoption of public cloud services … Simultaneously, SSE reduces the administrative complexity of running multiple products and provides greater visibility into end-user actions in one platform.”
NSFOCUS’s Magic Firewall (NF-SSE) is a flexible and operational Security Service Edge product. It is based on next-generation firewall capabilities and leverages cloud-native technology to provide multi-dimensional security capabilities such as full-traffic threat detection, Web application security protection, and asset risk detection. It subscribes to T-ONE cloud services on demand, forming a cloud-ground collaborative combination solution, and creating a closed-loop, flexible, and operational integrated security solution for users.
7. Data Classification
NSFOCUS’s Insight for Discovery and Risk (IDR) is a sensitive data discovery and risk assessment system integrating multiple scanning capabilities, including data discovery, identification, classification, grading, and tagging. It comes with a large number of industry-specific data classification and grading rule templates and supports customization.
IDR helps clients organize data exceeding billions of records and supports scanning of structured, semi-structured, and unstructured data. It offers various scanning methods, including full database scans for a comprehensive view of data assets, specified table scans for precision and efficiency, incremental scans to detect data changes, and scheduled periodic scans for easy maintenance of data asset inventories.
8. Data Security Platform
NSFOCUS’s Data Security Gateway is a data security protection product that not only meets compliance requirements but also provides capabilities such as sensitive data identification, classification, access control, static and dynamic data masking, digital watermarking, and security auditing. It is based on data discovery and classification, assigns different data operation permissions to various roles, configures appropriate policies, and supports the entire process with auditing to form a tiered protection model that covers all business processing scenarios and every stage of the data lifecycle.
Reference:
[1] Gartner, Hype Cycle for Security in China, 2024, 6 August 2024
Declaration: Gartner does not endorse any vendor, product or service in its report and does not recommend that technology customers only select the highest rated or other specified vendor. Gartner reports contain the opinion of its research organization, but the opinion should not be construed as a statement of fact. In terms of this report, Gartner disclaims all warranties, express or implied, including any warranties of merchantability or fitness for a particular purpose. Gartner and HYPE CYCLE are registered trademarks of Gartner Inc. and/or its affiliates in the United States and worldwide and are used herein with permission, all rights reserved.
