Gartner, the world’s leading research and advisory firm, released two authoritative magic quadrants (application security testing (AST) and web application firewalls (WAFs)) regarding web security every year by selecting important vendors with global influence. We are so proud that NSFOCUS WVSS and WAF had both recognized in Gartner’s Two Magic Quadrants.
With dramatic increasing services usages deployed on web application platforms, it highly identifies that web application security has becoming increasingly crucial. However, as the web application security is not the priority during the web application development phase which makes it more vulnerable to attacks. Attackers usually exploit web vulnerabilities, such as SQL injection and remote code execution in order to take control of a website or plant backdoors into web pages for the purpose of tampering with website content, infecting a website with trojans, obtaining sensitive data, or disrupting the service. According to the National Computer Network Emergency Response Technical Team (CNCERT), approx. 37,000 websites were tampered with in China in 2014. To deal with web threats, users need to discover vulnerabilities through AST (Application security Testing) before the attacks as well as using WAFs for early protection.
This year NSFOCUS’s Web Vulnerability Scanning System (WVSS) is recognized in Gartner Magic Quadrant for Application Security Testing (AST). NSFOCUS WVSS provides web vulnerability assessment and testing, which can simulate various website access behaviors. With a precise forensic scanning function and an authoritative vulnerability base, NSFOCUS WVSS can provide scanning analysis reports and remedial suggestions. Boasting a powerful scanning engine and a unique URL page load balancing technique, NSFOCUS WVSS has a capacity of scanning up to 100,000 pages within a single day. With multiple nodes deployed in a distributed manner, the system can even scan over 1 million pages for a day. In addition, the product can be deployed in a virtual environment and work whenever requested. NSFOCUS Web Security Monitoring System (WSM) is our another web security product which can proactively scan target websites for web vulnerabilities, trojans, page defacement, illegal content and domain name hijacking. It can also monitor website stability in real time, thus keeping users updated on the security status of their websites. By virtue of our industry leading web scanning and monitoring capabilities and the quickest responses to web security events, NSFOCUS has received wide acclaim on the operation and maintenance (O&M) market from key monitoring/assessment agencies, governments, carriers, finance, military, energy and Internet sectors.
NSFOCUS WAF, which is also and again recognized in Gartner Magic Quadrant 2015 for Web Application Firewalls, features a complete protection system incorporating the blacklist and whitelist mechanism and a suite of solutions made up of various web security check methods. With a mature DDoS protection mechanism, NSFOCUS WAF can tackle various web attacks, including OWASP Top 10 security risks, in IPv4 or IPv6 or IPv4+IPv6 environments, effectively protecting web applications from current and future security threats. As an industry-leading WAF product in China, NSFOCUS WAF has been picked by over 1000 companies and organizations globally.
To integrate detection with protection, NSFOCUS makes it possible for NSFOCUS WVSS to automatically collaborate with NSFOCUS WAF. Specifically, NSFOCUS WAF can automatically obtain and anatomize vulnerability scanning reports from WVSS so that to generate security policies based on the analysis results. With the smart patch function, which can be enabled for web servers by one click, NSFOCUS WAF implements closed-loop management from vulnerability discovery to protection policy generation and provides targeted protection for customers’ websites.
To address more challengeable risks and be the influencer in web security industry, NSFOCUS will continue to deliver innovative solutions for customers to ensure the highest security for their web applications.
For more information, please contact us at email@example.com or drop us message at here.