Gartner® recently published the report of Hype Cycle™ for Security in China, 2022. NSFOCUS has been named a Sample Vendor for situational awareness and 7 other technologies, which NSFOCUS believes validates its innovation and latest practice in security management and situational awareness.
According to the report, “situational awareness (SA) technologies in China “are modern, centralized and evolved versions of security information and event management platforms. They integrate with other security tools and collect data from assets, network traffic, logs, vulnerabilities, user behaviors, and threats. Additionally, SA technologies can analyze and display the security situation based on gathered data, and then predict the trend of the security situation.”
“Organizations operating multiple level protection schemes, such as MLPS 2.0 Level 3 and above systems, are more likely to become cyberattack targets due to the extent of their systems and data. Such organizations have a strong need to employ SA solutions as the core technology of their security operations centers (SOCs). Cybersecurity risks are developing and evolving in terms of diversity, scalability, complexity, and continuity. The growing dependence on cyberspace has greatly increased the need for SA technologies — essentially, providing visibility, risk scoring and responding to potential cybersecurity issues. Modern SOC teams need a centralized platform to consolidate real-time information from disparate tools and orchestrate security processes and resources.”
Based on technological accumulation and innovation in security management and attacks and defenses over the past decade, NSFOCUS ISOP is developed that practices the concept of NSOFOCUS Intelligent Security 3.0 and continuously improves the XDR practical operations and IPDR defense-in-depth system. ISOP has advantages in multisource heterogeneous data collection, telemetry, massive data storage, management, and advanced threat analysis.
ISOP supports the XDR capability that performs deep convergence and analysis of telemetry data collected from the network side and endpoints. This allows customers to learn about whether protected or monitored objects are at risk or under attack, offering higher visibility into cyberspace security. By extending attributes in multiple dimensions, ISOP provides enhanced continuous operations capabilities for advanced threat detection, discovery, and response. Coupled with telemetry, ISOP can perceive security situation changes, thus achieving efficient, operable closed-up defenses.
To address future security defense changes of enterprises, ISOP will provide more intelligent abilities to identify unknown risks and effectively alleviate the situation of less sampled security data by using more intelligent unsupervised machine learning algorithms and other algorithms. In addition, ISOP will use the real-time flow computing capability and various model algorithms such as the knowledge graph to discover unknown risks. It provides more lightweight attack visualization to assist in fast and effective security operations, automated recommendation, and optimization mechanisms, developing an adaptive security detection and response framework.
Note that Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research institutions and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner and Hype Cycle are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.
Gartner, Hype Cycle for Security in China, 2022, Feng Gao, Anson Chen, October 2022.