NSFOCUS ISOP Listed in The Security Analytics Platform Landscape Report by Forrester

December 30, 2024 | NSFOCUS

SANTA CLARA, Calif., December 30, 2024 – We are thrilled to announce that NSFOCUS was selected as a notable vendor in Forrester's The Security Analytics Platform Landscape, Q4 for its ISOP (Intelligent Security Operations Platform) with a built-in NSFGPT AI assistant and AI-empowered security operation scenarios.

“The security analytics platform is the core of the security operations center (SOC),” as stated in this report. “Security analytics platforms consolidate technologies like security information and event management (SIEM), security orchestration, automation, and response (SOAR), user behavior analytics (UBA), threat intelligence platform (TIP) and data pipeline management capabilities into a single solution.” According to Forrester, security professionals implement security analytics platforms to:

  • Consolidate security data for alerting, insider threat, and compliance purposes
  • Build new detections continuously on large datasets
  • Alert on potential attacks, investigate events, and respond to incidents.

NSFOCUS has built AI-enhanced security capabilities into its ISOP for 4 critical scenarios to boost operational efficiency:

  • AI-powered alert triage
  • AI-powered in-depth threat analysis and response
  • AI-powered threat intelligence
  • NSFGPT-assisted security knowledge Q&A

With AI-enhanced capabilities, NSFOCUS ISOP reduced false positive alarms by 97% and improved threat response time to 30 minutes, which overall accounted for 70% more operational efficiency. In addition, NSFOCUS ISOP will keep evolving in AI-powered unknown threat analysis, APT analysis and autonomous SOC.

AI-Powered Security Operations scenarios by NSFOCUS ISOP include:

1) AI-powered alert triage

A common challenge for almost all SOCs is that a massive number of alarms can easily exhaust a SOC's limited resources and make it difficult to focus on the most valuable alarms. ISOP utilizes an AI-generated baseline to filter low-quality events and identify valuable suspicious attack behaviors. In certain cases, the average alarm noise reduction rate can reach 97%.

2) In-depth threat analysis and response

By correlating events, logs and traffic with the built-in security knowledge base, NSFOCUS ISOP provides in-depth clue mining and tracing support to enable further judgement of attack event results, including impacted scope, intention, techniques, tactics, and response suggestions. One-click blocking or an auto-generated SOAR script will be possible. The average response time is reduced to 30 minutes, and the overall operational efficiency is increased by more than 70%.

3) Threat intelligence

NSFOCUS ISOP relies on AI-powered semantic understanding and inference analysis capabilities to integrate multi-source intelligence, perform intelligent data fusion and deep mining, build detailed threat portraits, and provide expert interpretation and analysis in natural language to defend against the latest attacks.

4) Security knowledge Q&A

Based on trillions of pieces of security knowledge and a database of hundreds of billions of tokens, NSFGPT can identify the intention of questions in different scenarios. NSFOCUS ISOP provides intelligent recommendations and guidance for users’ questions, helping SOC operators complete a closed loop of the event handling process.

NSFOCUS is fully devoted to helping organizations improve security operation efficiency with AI, and aims to lead security operations into the autonomous era.