Santa Clara, Calif. January 26, 2023 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has been selected by Forrester as a sample vendor for its next-generation Web Application Firewall (WAF) in the report The Forrester Tech Tide™: Zero Trust Threat Prevention, Q4 2022 published recently.
The Forrester Tech TideTM report presents an analysis of the maturity and business value of the 20 technology categories that support Zero Trust threat prevention. The web application firewall (WAF), as one of the technological areas with high commercial values and a high level of maturity, is highlighted in the report.
According to the report, WAF, as a fundamental technology and product to protect layer 7 traffic, now needs to expand its capabilities to address API-based attacks, client-side attacks, and even bots. NSFOCUS’s next-generation WAF, revolving around web applications and APIs, is a coordinated solution that integrates DDoS protection, bot traffic management, WAF, and API protection capabilities to mitigate various threats, including web exploits, resource abuse, and unauthorized resource access. Built on an upgraded security architecture, the product can effectively secure enterprises’ web applications, services, and data, protecting customers from end to end in an all-round manner.
The system covers brand-new scenarios in the era of digital transformation, applicable to many industries such as finance, government, and science, education, culture, and healthcare (SECH). Externally, it addresses such issues as use of seemingly legal identities to take over accounts, scalping, and promotion abuse, which could cause sensitive data leaks and high service load, dealing a double blow to customers’ finance and reputation. Internally, it helps customers sort out API assets and arrange them by category, in an effort to effectively control APIs and abuses in addition to ensuring compliance based on API types, behaviors, permissions, and context logic.
In terms of API security, the next-generation WAF can automatically learn API assets from service traffic and generate API lists accordingly. It also allows the import and export of API assets to help customers identify and sort out API assets. For mission-critical APIs, the system supports OpenAPI Specification (OAS) compliance checks by allowing users to set valid value ranges and lengths for API-related parameters, effectively protecting API assets from injection and overflow attacks. For OWASP API Top 10 attacks, the system provides multidimensional detection mechanisms, such as rule-based detection and semantics-based detection, to identify and block known and unknown threats in the network.
When it comes to cloud-based deployment, the system supports the K8S + Istio architecture, providing companion protection for huge quantities of microservices. Besides, it allows configuring a unique protection policy for each microservice, while delivering protection for both north-south and east-west traffic.
NSFOCUS’s next-generation WAF has been recognized by multiple international consulting institutions for the leading technology employed and excellent market performance. For example, NSFOCUS has been ranked No. 1 by IDC for 3 consecutive years for its share in China’s hardware WAF market, has made it into top 3 in Frost & Sullivan’s WAF vendor ranking in Greater China for 10 consecutive years, has been included in Gartner’s Magic Quadrant for Web Application Firewalls for 4 consecutive years and Gartner’s Asia/Pacific Context: Magic Quadrant for Web Application Firewalls (2018), and appeared in Forrester’s Now Tech: Bot Management, Q4 2021 and Now Tech: Web Application Firewalls, Q2 2022.
NSFOCUS, Inc., a network and cyber security leader, protects telecommunications, Internet service providers, hosting providers and enterprises from advanced cyberattacks. NSFOCUS’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against ever-evolving cyberattacks.