In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, hoping to provide valuable insights and...
Author: NSFOCUS
NSFOCUS WAF Security Reports
NSFOCUS WAF security reports are divided into classification-specific alert reports and period-specific alert reports. You can acquire reports based on query conditions, such as websites, event types, statistic collection periods, and statistic collection time. 1. Generation procedure: Logs & Reports > Security Reports > Classification-Specific Alert Report or Period-Specific Alert...
CTEM: Navigating the Future of Attack Surface
This article introduces the concept of Continuous Threat Exposure Management (CTEM), delving into the philosophy behind CTEM, its five stages, and exploring key technologies that support its implementation. I. Introduction In mid-October 2023, Gartner released the top 10 strategic technology trends for 2024 that enterprises need to explore, as depicted in Figure 1. Figure...
2023 Cybersecurity Regulation Recap (Part 3): Privacy Protection
In 2023, countries worldwide continued to strengthen their cybersecurity capabilities and systems in response to their national needs, using regulatory means to enhance their cybersecurity management. Based on continuous tracking and research, NSFOCUS summarized the development of global cybersecurity regulations and policies in 2023, hoping to provide valuable insights and...
Runc Container Escape Vulnerability Alert
Overview Recently, NSFOCUS CERT detected that the runc officially issued a security notice and fixed a container escaping vulnerability (CVE-2024-21626). Since the internal file descriptor of runc is leaked during initialization and the final working directory is not verified to be located in the mount namespace of the container, attackers...
Preliminary Troubleshooting for Cloud Authentication Failure in ADS, NTA and ADSM
If the virtual product uses cloud authentication, it needs to communicate with the cloud authentication center periodically every day to complete the authentication and ensure availability. You can confirm the authorization mode by checking the Authorization Mode of the license. For example, in the image below, NTA uses cloud authorization....
