NSFOCUS Recognized as One of Representative SOAR Vendors in Frost & Sullivan’s Report

NSFOCUS Recognized as One of Representative SOAR Vendors in Frost & Sullivan’s Report

dezembro 21, 2023 | NSFOCUS

SANTA CLARA, Calif., Dec 21, 2023 – NSFOCUS proudly announces its recognition in Frost & Sullivan’s latest report Insights for CISOs: Modernizing Security Operations Centers with Security Orchestration and Automated Response as a representative vendor.

This insightful report delves into the growth environment, enterprise application value, SOAR solution benefits, the vendor ecosystem, and growth opportunities within the cybersecurity landscape. Evaluating the latest SOAR solutions (products) from 11 major international security vendors, the report recognized NSFOCUS as one of the representative vendors for its in-depth research and core technology implementation in SOAR, extensive market coverage, and rich customer practice scenarios of NSFOCUS Intelligent Security Operations Platform (ISOP). NSFOCUS is the only representative security vendor in China to be featured in the report.

The report points out that the key to enhancing the overall security posture is to build a system that can manage threats and vulnerabilities, respond quickly to security incidents, and automate security operations (SecOps), which is an arduous task at best. A SOAR solution is an important component of an enterprise’s holistic approach to security. For chief information security officers (CISOs) seeking improve enterprise security posture, SOAR systems enable a complete picture of an organization’s performance for both past and current threats and is an important security pillar of strength necessary for warding off future threats. Given the shortage of talent, automation allows SOC teams to accomplish more with fewer people. Access to data via SOAR platform helps executive decision-makers with scheduled or on-demand reports. While SOAR solutions help manage the dynamic security environment, they are not the magic bullet many people hope for. SOAR is not a standalone system, nor does it replace other security tools or analysts. It cannot work if the broader security strategy is flawed. SOAR deployment and management require a comprehensive set of instructions and cohesive technologies. It helps enterprises eliminate bottlenecks that manual SOC processes may cause. Its ability to automate tasks such as vulnerability scanning, log analysis, and ticket checking, and enhanced insights with AI and ML elevate the performance of SecOps.

Frost & Sullivan has cited the NSFOCUS ISOP platform and its SOAR capabilities, which helped modernize an automaker’s SOC. It helps implement core SOAR capabilities to customize playbooks for user scenarios and offer rapid automated response. In terms of third-party collaboration and automated response offerings, NSFOCUS ISOP abstracts each type of security device into an application type, abstracts their security capabilities into instance action capabilities, and quickly and widely integrates these capabilities.

Core Capabilities of NSFOCUS ISOP

The key capabilities that differentiate NSFOCUS ISOP’s SOAR capabilities from other products are its open system architecture and flexible deployment, security capability orchestration ecosystem, highly customized security processes, intelligent security analysis and response, and real-world use case knowledge. What’s more, the innovative technology capabilities of AISecOps have been deeply adopted by customers across multiple industries. The coverage rate of AI-based intelligent analysis and assessment has reached 96.7%, greatly improving operational efficiency. The application of AI technology has helped implement noise reduction and automated analysis of massive alerts. The intelligent triage and recommendation capabilities help upgrade security scenarios and models, and can provide customers with a more intelligent interactive operational approach in combination with SOAR. Taking incident response as an indispensable application scenario, the NSFOCUS SOAR solution, with the XDR technology and NSFOCUS’s rich threat intelligence data, can efficiently facilitate security operators in security operations and improve the practical level of security operations.

In addition, with the development of automation and intelligence technologies, cybersecurity defense will face increasingly severe challenges. Therefore, NSFOCUS is constantly exploring additional automated, intelligent, and practical security application scenarios. Currently, ISOP has been integrated with nearly one hundred mainstream security product capabilities, and has accumulated more than one hundred typical security scenarios, covering practical business scenarios such as incident response closed-loop, security analysis and forensics, and security assessment and inspection. NSFOCUS ISOP has been tested in thousands of customer production or testing environments, and it is flexibly compatible with various cloud deployment environments and standalone deployment environments.

Large Language Models (LLMs) will also facilitate improving SOAR’s automated efficiency and opening tools. NSFGPT is a cybersecurity-specific LLM that integrates more than 20 years of deep security research accumulation and more than 10 years of AI security research and practice of NSFOCUS. It is a cybersecurity operation decision-making support system built on massive security professional knowledge training, covering various scenarios such as security operation, detection response, attack and defense, and knowledge Q&A. NSFOCUS combines the LLM technology in its ISOP platform to conduct research practice in scenarios such as security posture summary, attack intention analysis, response closed-loop, vulnerability management closed-loop, threat hunting, and knowledge Q&A. The forthcoming practical outcome of the combination of NSFOCUS ISOP and NSFGPT will help guide and assist operators in targeted analysis and handling, significantly improving operational efficiency. LLMs can also provide continuous security knowledge and advice to customers, enhance the ability to automatically investigate and analyze security posture, improve security operations efficiency, and reduce technical requirements for operators through natural language interaction. While continuously researching and practicing LLM technology, NSFOCUS also focuses on the security of LLMs. We are researching security enhancement technologies in terms of robustness, reliability, privacy, fairness, and interpretability to ensure the security of LLM applications. We are also analyzing the potential security risks in scenarios related to the use of LLMs in customer offices, and are continuously working to provide reliable defense and detection solutions.

NSFOCUS will continue to offer enterprise-level cybersecurity products and solutions and operational solutions to global customers with an innovative spirit, excellent technologies, superior products, and professional services, with the goal of becoming a trusted cybersecurity vendor. By leveraging innovative technologies such as NSFGPT and AISecOps, NSFOCUS plays an increasingly important role in ensuring network security and helping security operations and managers to respond to ever-changing technologies and security threats. The revolution of the new era has arrived, and organizations must embrace this change to achieve the goals of lowering costs while simultaneously improving quality and security.


[1] Frost & Sullivan, Insights for CISOs Modernizing Security Operations Centers with Security Orchestration and Automated Response