Blog

Unlike vulnerability exploitation in products, attack vectors and implementation channels targeting the supply chain in the real environment are more diverse. Due to the advantages of low development cost, the widespread use of open-source components in projects has become the mainstream development method. The conflict between a rule-relaxed open community and limited maintenance resources provides […]

Application programming interfaces (APIs) have become a role that can’t be ignored in digital transformation, whether in application modernization or agile business strategies. At the application development stage, APIs are standard service interfaces. When it comes to interfacing with third-party services, APIs are a common choice. In the microservice architecture, APIs are an integral part […]

NSFOCUS has been recognized as one of the Representative Vendors in the Report of Tool: Vendor Identification for Data Loss Prevention 2022 1. The COVID-19 pandemic has accelerated the process of digital transformation. With the vigorous development of digital economy and information industry, the rapid implementation and application of 5G, zero trust, AI, and blockchain […]

Gartner® recently published the report of Hype Cycle™ for Security in China, 2022. NSFOCUS has been named a Sample Vendor for situational awareness and 7 other technologies, which NSFOCUS believes validates its innovation and latest practice in security management and situational awareness. According to the report, “situational awareness (SA) technologies in China “are modern, centralized […]

Santa Clara, Calif. November 10, 2022  – NSFOCUS, a global provider of intelligent hybrid security solutions, today announced it has received CREST’s internationally recognized accreditation for its Penetration Test services, an addition to its existing accreditation for the vulnerability assessment service.   CREST uses a rigorous quality assurance process to ensure its member companies are accredited and quality […]

Compared with traditional security threats, supply chain threats have a spreading influence. Vulnerabilities of upstream products will affect all downstream roles, causing security risks to spread along the supply chain and consequently expanding the attack area. In recent years, several influential supply chain attacks have taken place, involving open-source components, public code repositories, and cloud […]

In the last post of this series, we had an overview of software supply chain security and summarized some observations during the research. You can read the previous post here. In this post, we’re going to talk about the threats faced by the software supply chain.   Globalized economic development has brought more opportunities and […]

Overview The Magniber is a notorious ransomware. Unlike the common ransomware families such as Hive and LockBit that target companies, it is primarily used to blackmail individuals with a relatively low ransom around USD 2,500. The Magniber ransomware can neither be transmitted automatically nor used to upload user files, but encrypt files only. Here listed […]

Software supply chain security is one of the key considerations in modern supply chain security. NSFOCUS Security Labs has conducted long-term research on security of the software supply chain. We’d like to publish a series of posts to share our observations, explore security issues existing in the software supply chain, conclude the core concepts, technical […]

Santa Clara, Calif. October 18, 2022  – NSFOCUS, a global provider of intelligent hybrid security solutions, today launched its Cloud Web application and API Protection (WAAP) service for the Asia Pacific Region at the GovWare Conference & Exhibition held at Sands Expo and Convention Centre in Singapore on 18-20 October 2022.  NSFOCUS at GovWare 2022 […]