NSFOCUS Featured in Frost Radar™ Cloud-native Application Protection Platforms, 2022
April 5, 2023
Santa Clara, Calif. April 5, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been featured in Frost Radar™: Cloud-Native Application Protection Platforms (CNAPP). In this report, Frost & Sullivan identifies NSFOCUS and other 14 other companies as the powerhouses that are dominating and shaping the CNAPP market. NSFOCUS […]
Troubleshooting of Failure to Import a License into NSFOCUS ADS
April 4, 2023
After ADS is installed, you must import a license before using it. License types vary a bit for hardware devices and virtual devices: ADS will provide limited functions when a license expires, as shown in Table 1. What functions are still available depends on the license type. Table 1 Functions available upon license expiry Tips: […]
Key Technologies for Software Supply Chain Security – Detection Techniques (Part 2) – Static Application Security Testing (SAST)
April 4, 2023
NSFOCUS Security Labs is keeping an eye out for the trends in supply chain security and is pleased to share observations and thoughts with our blog readers. You will see the links for more posts we published about software supply chain security at the end of the article. From the perspective of the software life cycle, the […]
NSFOCUS Included in Forrester External Threat Intelligence Service Providers Landscape Q1 2023
March 31, 2023
Santa Clara, Calif. March 31, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been included in Forrester The External Threat Intelligence Service Providers Landscape, Q1 2023 report as a Notable Provider recently. In the main trend, the report[1] says, “The evolving nature of threats is expanding use cases […]
MiniO Information Disclosure Vulnerability (CVE-2023-28432) Notification
March 27, 2023
Overview Recently, NSFOCUS CERT found that MinIO officially issued a security notice, which fixed a MinIO information disclosure vulnerability (CVE-2023-28432). When MiniO is configured in cluster mode, an unauthenticated attacker can ultimately obtain information about all environment variables by constructing a crafted request packet, which allows the attacker to utilize the MINIO_ SECRET_ KEY&MINIO_ ROOT_ […]
Why IPS and Firewalls Are Not Anti-DDoS Solutions?
March 24, 2023
Not all distributed denial of service (DDoS) defenses are created equal. Whether it’s a Web Application Firewall (WAF), Intrusion Prevention System (IPS), Content Delivery Network (CDN) or traditional firewall, every “defense” has its own purpose, potential and peril. Even a firewall that claims to have Anti-DDoS capabilities built-in has only one method of blocking attacks: […]
22 DDoS Attacks to See Trends in 2023
March 23, 2023
2022 was a turbulent year full of regional conflicts. NSFOCUS Global Threat Hunting System detected a large number of DDoS worldwide in 2022, with some governments or banks suffering from the largest attacks in their history. Launching a DDoS attack is not expensive but can paralyze critical infrastructure and network systems, bringing huge economic losses […]
NSFOCUS Joins CNCF Cloud Native Landscape
March 21, 2023
Santa Clara, Calif. March 21, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced that its Metarget project has been included in CNCF Cloud Native Landscape in the field Security & Compliance of the Provisioning Category. CNCF Introduction The Cloud Native Computing Foundation (CNCF) was founded in 2015 by Google and […]
Adobe ColdFusion Multiple Security Vulnerabilities Notification
March 20, 2023
Vulnerability Overview Recently, NSFOCUS CERT monitored that Adobe has officially released security notices and fixed multiple Adobe ColdFusion vulnerabilities. Please take protective measures as soon as possible. Key vulnerabilities are as follows: Adobe ColdFusion deserialization vulnerability (CVE-2023-26359): Due to a flaw in Adobe ColdFusion’s deserialization security check, unauthenticated remote attackers can conduct deserialization attacks by […]
