SANTA CLARA, Calif., July 01, 2024 — IDC, a leading global IT market research and consulting company, recently released IDC MarketScape: China’s Extended Detection and Response Platform 2024 Vendor Assessment (Doc# CHC51540824, June 2024, hereinafter referred to as the “Report”) to provide in-depth analysis and assessment of the XDR market trends, technological developments, and major vendors in China. In the Report, NSFOCUS is positioned in the Leaders category for its Intelligent Security Operations Platform (ISOP), which excels in technology, services, market performance, and, in particular, capabilities.
According to the Report, XDR should not just be a platform for aggregating and presenting various telemetry data, but should give full play to the advantages of multisource data. Specifically, it should leverage state-of-the-art technologies, such as big data analytics and artificial intelligence, to comprehensively enhance the capabilities of detecting malicious threats, especially zero-day exploits and advanced persistent threats (APTs), and employ automated/semiautomated tools to improve response and remediation efficiency.
The typical advantages of XDR are as follows:
- It can enhance visibility into security posture.
- It can help enterprises to identify real threats more effectively, reducing the times and resources required for incident investigation and response.
- Security orchestration, automation, and response (SOAR) capabilities significantly reduce the workload of security operations personnel.
- The cybersecurity large language model (LLM) is becoming an effective aid to XDR.
NSFOCUS ISOP has demonstrated remarkable strengths in all these aspects. IDC gives the following comments on the ISOP platform:
“NSFOCUS Intelligent Security Operations Platform (ISOP) seamlessly integrates XDR technology and security concepts into a platform. To better address different requirements of enterprise customers, NSFOCUS ISOP, as a next-generation upgrade of the SOC platform/situational awareness platform, can provide a full set of capabilities, or just a subset of these capabilities, such as threat detection, to customers who are concerned about only threat detection and analysis.”
“NSFOCUS ISOP implements XDR capabilities by incorporating heterogeneous data from multiple sources, such as clouds, networks, and endpoints, to form a data lake, helping government and enterprise customers to accurately detect advanced threats. It also triages threat information and traces the attack process. In addition, the platform can collaborate with other security devices, enabling cross-functional personnel to jointly handle security incidents simultaneously based on data collected from multiple sources. Leveraging the AI technology and built on NSFOCUS’s years of experience in defending against various real-world attacks, NSFOCUS ISOP boasts enterprise-grade, closed-loop security operations, which keep evolving with the ever changing business scenarios and security management requirements of customers. The platform provides unified security infrastructure, threat detection and prevention, data analytics and insights, automated response, and other capabilities, helping end customers reduce costs and protecting their long-term investments.”
“From the perspective of XDR technical capabilities implemented, the product allows entity-based (assets, IP addresses, etc.) query and retrieval of data, and supports threat analysis based on data from different sources (network probes, endpoints, and clouds) and cross-application association analysis. The big data platform tracks, monitors, and maintains the AISecOps model, involving management of the enabling/disabling, training, and evaluation of the model as well as progress monitoring throughout the lifecycle to improve the quality, performance, and reliability of AISecOps. Considering all applicable scenarios of SOAR, NSFOCUS ISOP comes with a variety of closed-loop security automation playbooks, including the security O&M inspection, security threat analysis and assessment, routine security inspection and assessment, and emergency response. Customers can directly execute appropriate playbooks as required for minute-level automated response and mitigation, saving personnel costs. AI and LLM capabilities are implemented in such scenarios as telemetry data understanding, threat/incident assessment and analysis, and knowledge and experience Q&A, enabling AI-aided intelligent security operations and providing an AI assistant that is able to effectively support security operations by using a natural language.”
“In future, NSFOCUS will continue to research, implement, and enhance XDR capabilities and introduce more LLM capabilities, combining LLM with XDR. Through LLM training, the product can detect more threats with a higher accuracy, analyze security incidents more efficiently, and make incidents easier to handle and understand.”
“A threat analysis system, including cybersecurity knowledge graphs, centered on indicators of behavior (IOBs) is constructed to observe the behavioral sequences caused by attackers across the network and effectively support prevention and control of attacks in enterprises’ internal environments. It resolves problems such as unified data modeling, implicit relationship mining and inference, and presentation to upper-level users. The system can detect behavior of each entity as well as various types of unusual behavior and so create more credible attacker behavior sequences.”
Up to now, NSFOCUS ISOP has had a proven record of success with thousands of customers from the carrier, finance, energy, government, central state-owned enterprise (CSOE), SECH (science, education, culture, and healthcare), and other sectors in different cities across the country, providing important technical support for a series of major national events. NSFOCUS keeps iterating and innovating XDR technology to improve the implementation effect. Through the introduction of LLM, NSFOCUS ISOP will play a positive role in prompting intelligent driving and efficient human-machine operations.
About IDC MarketScape
IDC MarketScape vendor assessment model is designed to provide an overview of the competitive fitness of ICT (information and communications technology) suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors.
About NSFOCUS
Founded in 2000, NSFOCUS operates globally with over 4000 employees at two headquarters in Beijing, China, and Santa Clara, CA, USA, and over 50 offices worldwide. It has a proven track record of protecting over 25% of the Fortune Global 500 companies, including four of the five largest banks and six of the world’s top ten telecommunications companies.
