The Increasing Trend of Software Supply Chain Attacks
novembro 8, 2022
Compared with traditional security threats, supply chain threats have a spreading influence. Vulnerabilities of upstream products will affect all downstream roles, causing security risks to spread along the supply chain and consequently expanding the attack area. In recent years, several influential supply chain attacks have taken place, involving open-source components, public code repositories, and cloud […]
Threats against Software Supply Chain Security
novembro 1, 2022
In the last post of this series, we had an overview of software supply chain security and summarized some observations during the research. You can read the previous post here. In this post, we’re going to talk about the threats faced by the software supply chain. Globalized economic development has brought more opportunities and […]
Introduction of RESTful APIs for NIPS Version 5610 and 5611
outubro 28, 2022
A RESTful API means that API works in REST standard. RESTful API requires the front end to send requests in one predefined format, so the server only needs to use one unified interface to process. NSFOCUS NIPS can use RESTful API to get the device information or change settings. API tools need to be authorized […]
Stay Alert to Traps in Updates: A New Variant of Magniber Ransomware
outubro 26, 2022
Overview The Magniber is a notorious ransomware. Unlike the common ransomware families such as Hive and LockBit that target companies, it is primarily used to blackmail individuals with a relatively low ransom around USD 2,500. The Magniber ransomware can neither be transmitted automatically nor used to upload user files, but encrypt files only. Here listed […]
Software Supply Chain Security: Overview
outubro 21, 2022
Software supply chain security is one of the key considerations in modern supply chain security. NSFOCUS Security Labs has conducted long-term research on security of the software supply chain. We’d like to publish a series of posts to share our observations, explore security issues existing in the software supply chain, conclude the core concepts, technical […]
NSFOCUS Launches Cloud WAAP Service for APAC Region at GovWare 2022
outubro 18, 2022
Santa Clara, Calif. October 18, 2022 – NSFOCUS, a global provider of intelligent hybrid security solutions, today launched its Cloud Web application and API Protection (WAAP) service for the Asia Pacific Region at the GovWare Conference & Exhibition held at Sands Expo and Convention Centre in Singapore on 18-20 October 2022. NSFOCUS at GovWare 2022 […]
NSFOCUS WAF Secure Data Transfer
outubro 13, 2022
NSFOCUS WAF secures data transmission by restricting domain names, URLs, and request methods, and it can improve transmission security by converting ordinary HTTP requests into HTTPS requests forcibly. Configuration precondition: Configure HTTP and HTTPS sites and ensure that both HTTP and HTTPS sites can be accessed. Configuration method: Step 1: Click Security Management > Website […]
Harry Potter’s Invisibility Cloak and Moody’s Eye: Software Defined Perimeter (SDP)
outubro 12, 2022
In the last series of popular science, we talked about Zero Trust Network Access (ZTNA) and learned the three critical technologies of zero trust—SDP, IAM and MSG. In this article, we will continue to introduce a security capability of NSFOCUS SASE – the SDP, one of the three major technologies. What is SDP? The SDP […]
NSFOCUS Included in the 2022 Gartner® Magic Quadrant for Cloud Web Application and API Protection in the Honorable Mentions Section
outubro 9, 2022
Santa Clara, Calif. October 9, 2022 – We are honored to announce that NSFOCUS was included in the Honorable Mentions section in the Gartner® Magic Quadrant for Cloud Web Application and API Protection report. According to Gartner, by 2026, 40% of organizations will select a WAAP provider on the basis of its advanced API protections […]
Introduction to Web APIs of NTA
outubro 6, 2022
The Web API of NTA provides an interface for configuring regions or IP groups. Data can be obtained with a GET request and added, removed, or modified with a POST request, facilitating the query and configuration of NTA by O&M personnel. All API POST requests will be recorded in the NTA audit log. Instructions for […]
