Santa Clara, Calif. April 5, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been featured in Frost Radar™: Cloud-Native Application Protection Platforms (CNAPP). In this report, Frost & Sullivan identifies NSFOCUS and other 14 other companies as the powerhouses that are dominating and...
Blog
Troubleshooting of Failure to Import a License into NSFOCUS ADS
After ADS is installed, you must import a license before using it. License types vary a bit for hardware devices and virtual devices: Hardware device: License types include Trial, Temporary Sales, and Perpetual. Virtual device (vADS): License types include Trial, Temporary Sales, Perpetual, and Subscription. ADS will provide limited functions...
Key Technologies for Software Supply Chain Security – Detection Techniques (Part 2) – Static Application Security Testing (SAST)
NSFOCUS Security Labs is keeping an eye out for the trends in supply chain security and is pleased to share observations and thoughts with our blog readers. You will see the links for more posts we published about software supply chain security at the end of the article. From the perspective of...
NSFOCUS Included in Forrester External Threat Intelligence Service Providers Landscape Q1 2023
Santa Clara, Calif. March 31, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been included in Forrester The External Threat Intelligence Service Providers Landscape, Q1 2023 report as a Notable Provider recently. In the main trend, the report[1] says, "The evolving nature of...
Sudo Permission Elevation Vulnerability (CVE-2023-22809) Notification
Overview Recently, NSFOCUS CERT found that the analysis article and ExP of Sudo privilege enhancement vulnerability (CVE-2023-22809) were publicly disclosed online. Since sudoedit in Sudo has a flaw in handling additional parameters passed in user provided environment variables such as SUDO_EDITOR, VISUAL, and EDITOR., when a user specified editor contains...
MiniO Information Disclosure Vulnerability (CVE-2023-28432) Notification
Overview Recently, NSFOCUS CERT found that MinIO officially issued a security notice, which fixed a MinIO information disclosure vulnerability (CVE-2023-28432). When MiniO is configured in cluster mode, an unauthenticated attacker can ultimately obtain information about all environment variables by constructing a crafted request packet, which allows the attacker to utilize...
