Sangfor Cyber Command - NDR Platform

The modern age has brought about many new threats to safety and privacy. In the cybersecurity industry, phishing attacks have taken a leading role in disruptive and destructive cyber hazards. A phishing attack is any cyber-attack in which a hacker attempts to deceive the victim through the use of fraudulent emails or correspondence. The fake message looks authentic and contains links or attachments with malware inside. The message instructs the victim to click on the links or download the attachments. The malware then infiltrates the computer system and gains access to private information, data, and anything of value. While phishing attacks can be prevented to a limit, it’s important to stay updated on the recent statistics and forms of phishing attacks taking place to avoid falling victim to them. Latest Phishing Statistics Here is a roundup list of some of the most recent phishing statistics: 55% of phishing websites use targeted brand names to capture sensitive information with ease. (F5 Labs Phishing and Fraud Report of 2020) During the third quarter of 2022, 23% of phishing attacks worldwide were directed toward financial institutions. (Statista) Web-based software services and webmail accounted for 17% of phishing attacks. (Statista) 41% of cyber-attacks used phishing and more than half of those phishing attacks used spear-phishing attachments. (IBM) A 2023 survey showed that 53% of respondents believed that hackers would use ChatGPT to craft believable and legitimate-sounding phishing e-mails. 49% thought that the AI tool would help less experienced hackers improve their technical knowledge and develop their skills for spreading misinformation. (Statista) Phishing and impersonation of a public institution was the most common social engineering method used by cybercriminals in Poland in 2023. (Statista) The global cybersecurity market size is forecast to grow to US$ 266.2 billion by 2027. (Statista) Today, potentially AI-enabled phishing and network intrusion are some of the most common cyber-attacks experienced by organizations - causing serious damage including information or revenue loss. (Statista) By 2025, forecasts suggest that there will be more than 75 billion Internet of Things (IoT) connected devices in use which could become vulnerable to possible security breaches in the form of hacking, phishing, and more. (Statista) Phishing e-mails remain one of the primary attack vectors for cybercriminals. On average, 15% of businesses worldwide have become victims of more than 50 bulk phishing attacks. More than half of the companies said these phishing attacks resulted in consumer or client data breaches. (Statista) Highly impersonated brands for phishing scams include Amazon and Google at 13%, Facebook and WhatsApp at 9%, and Netflix and Apple at 2%. (CISOMag) Biggest Phishing Breaches In 2022 Phishing attacks are becoming more innovative and spreading faster than ever before. Last year saw record-breaking numbers. The APWG logged more than 4.7 million phishing attacks in 2022. Since the beginning of 2019, the number of phishing attacks has grown by more than 150% per year. Some of the biggest phishing attacks in 2022 include: Twilio - August 2022 The communications company said in a press release that it became “aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.” A text message phishing attack baited and redirected employees toward a fake website that resembled Twilio’s real authentication site. The site then asked for the employee credentials which gave the hackers the information to gain insider access to internal company resources and customer data. Sourced from Twilio The fake URLs contained "Twilio," "Okta," and "SSO" keywords. The access compromised 93 Authy accounts and potentially exposed 1,900 accounts on the encrypted communication app Signal. Acorn Financial Services - August 2022 A cyber-attack on the financial services provider – Acorn - led to sensitive data being compromised. Initially, the phishing attack targeted an employee – stealing their email credentials. After gaining access, the hackers stole customer names, addresses, dates of birth, driver’s license numbers, financial account numbers, social security numbers, and other client account-related information. Allegheny Health Network - July 2022 The Allegheny Health Network revealed that it was the victim of a cyber-attack that saw the exposure of almost 8,000 patients. A phishing email was sent to a worker at the facility to gain their employee credentials which were then used to access the sensitive information. The information compromised in the breach included patient names, dates of birth, dates of service, medical records, ID numbers, mailing addresses, phone numbers, and email addresses. The healthcare providers said that no evidence was found that any of the information had been used fraudulently. Mailchimp - March 2022 The credentials of employees were used to access the accounts of 319 MailChimp customers. A mailing list of 102 accounts was also stolen. The hackers then used the accounts to launch phishing attacks. Application programming interface keys may have also been compromised in the cyber-attack - which could be used to launch additional email-based phishing campaigns in an automated fashion. Trezor, the cryptocurrency wallet company, also reported that the stolen data from the Mailchimp breach was used to launch a phishing campaign against its customers. The phishing emails sent to Trezor’s customers contained malware that asked for sensitive account information. The access was then used to transfer money into the hacker’s wallets. Charleston Area Medical Center - January 2022 The Charleston Area Medical Center suffered a phishing attack that affected 54,000 people. The company revealed in a statement that an unauthorized actor gained access to some CAMC employee email accounts. The notice goes on to say that the hacker seemed to be interested in collecting login information for CAMC employee accounts rather than accessing individuals’ personal information. Regardless, the impacted accounts contained patient names, medical record numbers, test results, and other treatment information. How To Prevent Phishing In 2023 While the dangers of phishing attacks may seem unavoidable to some extent, it’s important to practice cyber hygiene and be cautious to avoid becoming a victim. We’ve drawn up a list of ways you can prevent yourself from being caught up in a phishing scam in 2023: Be Overly Suspicious While we don’t recommend that you wear a tinfoil hat and never open your email again, there are ways to be cautious. A phishing scam tries its best to fool its victims by looking almost entirely legitimate - “almost” being the operative word. Companies will not ask you for sensitive credentials in an email or text message. If you receive any communication asking for sensitive information – or any information – rather be safe and call the official company line and enquire about the authenticity before submitting any information. Sourced from Federal Trade Commission Think Before You Click The FBI’s 2021 Internet Crime Report reported that 19,954 complaints were related to business email compromised issues - the losses of which amounted to US$ 2.4 billion. Hackers will count on your carelessness when opening email links and downloading files. Even if an email or attachment looks legit, it’s important to always be cautious. Ensure that any links received are not suspicious-looking and that every URL you click on looks sensible before clicking them - regardless of if they’ve come from trusted sources or not. Update Your Software While we all want to simply wave away the pesky update notifications, it’s important to always maintain the latest software updates on your PC and phone. Most updates include patches that fix vulnerabilities in the software. Hackers will use your delayed update to take advantage of those vulnerabilities and infiltrate your system. Use Multi-Factor Authentication Keep the Multi-factor authentication on across all your apps and accounts. This ensures that your accounts and device have multi-layered security. This will limit access and keep your information safe. Extra credentials are required which makes it more difficult for hackers to enter your account or compromise your data. Stay Informed It’s important to stay aware of the phishing scams in your area. Keep an ear and eye out for any new scams going around and spread the word to keep others safe as well. Browse Safely When you’re online, it’s easy to forget the smaller details – especially when shopping. Remember to ensure that the websites you access are SSL-certified and have a URL starting with “https” so you know that your data is encrypted. A secure website will also feature a lock icon near the URL address bar. Don’t enter any information into a website that does not seem secure. Provide Cybersecurity Training Most cyber-attacks on businesses start with an employee clicking on a dubious. To maintain the safety of your network, ensure that your employees receive adequate cybersecurity training and education. Implementing cyber hygiene practices in the workplace will help your employees recognize and avoid phishing scams faster and protect your organization. Use Advanced Cybersecurity In this modern world, everything is automated – and your cybersecurity solutions should be the same. Invest in advanced and high-quality cybersecurity measures to ensure that phishing scams and malware don’t stand a chance. Sangfor’s Next Generation Firewall (NGFW) can be used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints. The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network. Anything that the on-premises features cannot analyze is automatically sent to the cloud-based Neural-X sandbox for isolation and critical inspection. Additionally, Sangfor’s Cyber Command (NDR) Platform constantly monitors for malware, residual security events, and future potential compromises in your network. The solution is coupled with Threat Intelligence and an enhanced AI algorithm to keep you updated with any vulnerabilities in the system while ensuring your data is always kept strictly protected and consistently monitored for lingering threats Ensure that phishing scams and other malware are a thing of the past by introducing these safety practices and solutions. For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.   Contact Us for Business Inquiry

As the world races to new and more advanced technology, we open ourselves up to different cyber threats. The cybersecurity infrastructure of an organization needs to be made a priority to ensure that the modern landscape we create remains safe for everyone. Around the world, more governments are beginning to see the effects of cyber-attacks and are trying to instill a better understanding of cybersecurity practices for citizens. The UAE is no stranger to this as the country’s cybersecurity has now taken a central focus. A Warning from the UAE Cybersecurity Council to Public and Private Sectors Recently, the Cybersecurity Council of the United Arab Emirates advised private and public sectors alike to be more cautious to avoid the risk of cyber-attacks. The council also asked that a cyber emergency response system be put into place in cooperation with the authorities to share data and proactively prevent malicious attacks. This comes after fears that threat actors may target national digital infrastructure and assets. Dr. Mohamed Al Kuwaiti, the Head of Cybersecurity for the government, revealed in a statement that the banking, financial, health, oil, and gas sectors are the most targeted sectors. He also noted that all these cyber-attacks are countered proactively and efficiently to protect the country’s digital sphere. The importance of cyber hygiene practices was also stressed by the council. Organizations are encouraged to activate protection systems and cybersecurity policies while informing the authorities immediately about any suspicious cyber activity. The United Arab Emirates has already taken to setting up legislature and practices to ensure secure digital transformation in the country. Cybersecurity in the UAE The United Arab Emirates is no stranger to taking charge in terms of cybersecurity. Al Kuwaiti also revealed that the UAE Cybersecurity Council works with its partners to prevent 50 000 cyber-attacks each day against the government’s infrastructure. Ransomware attacks have plagued the country for a while. In 2021, it was reported that numerous businesses paid more than US$ 1,4 million in ransom - with 42% of them having to close down after the incident and 90% being attacked again. The UAE cybersecurity chief went on the comment that at the start of 2023, ransomware attacks in the UAE have declined by more than 70% compared to the same time last year. Al Kuwaiti stressed that the world was facing a “cyber pandemic” - a term he had previously used in November. While he admitted that the world was caught off-guard in terms of cybersecurity during the onset of the Covid-19 pandemic, he says that lessons have now been learned and we should all be better prepared to fend off bad actors in cyberspace. This pandemic is not something bad; it is an opportunity that we actually need to leverage so we can innovate to build resilience against future challenges. Dr. Mohamed Al Kuwaiti, Head of Cybersecurity in the government of UAE The country saw a 190% increase in cyber-attacks after the shift to remote working environments and experienced more than 15.8 million brute force attacks on Remote Desktop Protocols (RDP) in 2020. He warned that remote working and online learning are set to continue which means that cybersecurity threats will always be present. According to the cybersecurity chief, organizations and individuals alike need to remain vigilant. The UAE Cybersecurity Council tackles cyber-attacks in line with the country’s information security standards and policies. Al Kuwaiti has also confirmed before that the UAE has invested in advanced digital infrastructure and cybersecurity tools to effectively mitigate cyber-attacks targeting critical government authorities. According to the Global Cybersecurity Index 2020 report, the UAE is ranked fifth worldwide in the Global Cybersecurity Index of the International Telecommunication Union of the United Nations. The report measured 193 countries for their cybersecurity infrastructure in terms of: Legal measures Technical measures Organizational measures Capacity development measures Cooperation measures With each pillar weighing 20 points, the UAE achieved a total score of 98.06 out of 100 with full scores in terms of legal measures, capacity development, and cooperative measures. This was a huge jump in its rank from 33rd in the 2019 report and the country now shares its position jointly with Russia and Malaysia. Al Kuwaiti told The National that while the move towards technology is great for humanity, services, and communities, it also presents certain risks. However, the country’s cybersecurity chief is adamant that the UAE will emerge successful in the fight against cyber threats. “The UAE is at the forefront of creating a state-of-the-art and secure digital infrastructure to help drive the country’s digital economy growth,” said Al Kuwaiti. He went on the share that the Cybersecurity Council is determined to build a system that protects all vital sectors in the country – adding that continued partnerships and resilient digital security will strengthen the UAE’s leading position globally in various fields. Recent Cyber-Attacks in the UAE The United Arab Emirates is no stranger to digital threats. We’ve put together a short list of some of the cyber-attacks the country has faced in the past. Cheers Exhibition In 2019, the Cheers Exhibition company was the victim of an elaborate phishing attack. The company builds and installs exhibitions for different organizations and has been on the market for years. Binu Manaf, Cheers Exhibition's CEO and managing director, revealed that a cybercriminal hacked his firm’s email and used a spoofed email to bait its client into wiring funds into an overseas bank. The company only realized that the server had been hacked after one of the clients called them on the phone to ask what it was about. The hacker had been scouring through correspondence containing details of ongoing contracts and outstanding payments and was able to take control of the company’s website. Unfortunately, by the time the company figured out what was happening, the hackers had already gotten another client to transfer over US$ 53,000 overseas. Careem Data Breach Careem, the ride-hailing company based in Dubai, revealed that it was the victim of a cyber-attack in 2018. The company is a subsidiary of Uber and offers lifts or food delivery options. The hackers gained access to the company’s data storage system for 14 million riders and 558,800 drivers. They included email addresses, phone numbers, and trip histories. Fortunately, password and credit card information could not be taken as they were encrypted. The company assured that it takes the protection of customer and driver data very seriously and that no evidence of fraud or misuse from the stolen data has been seen. UAE Invest Bank The UAE Invest Bank was breached in 2015 by someone named Hacker Buba who demanded US$3 million in bitcoin. The hacker broke into the bank system and stole transaction data, credit card numbers, and authorization codes. The bank openly rejected the ransom offer and the hacker subsequently published the stolen data on Twitter. The hacker also tried to convince the editor of the reporting Dubai newspaper to help in convincing the bank to pay the ransom – promising the editor 5% of the received amount. Fortunately, there was no financial loss from the cyber-attack. Moorfields Eye Hospitals One of the oldest centers for treating, teaching, and researching ophthalmology had its UAE branch hacked in 2021. The Dubai Moorfields Eye Hospital was the victim of a cyber-attack. The hackers went on to steal 60GB of data that included copies of ID cards, insurance claim forms, accounting documents, hospital call logs, internal memos, and more. Ransomware group, AvosLocker, claimed responsibility for the attack. The hacking group either sent an email or an ad with the malware and then later proceeded to encrypt the data. The hospital went on to contact all the affected patients.   Image source: https://securityreport.com/ Naturally, all these cyber-attacks have made the UAE more cautious and encouraged people globally to take cybersecurity more seriously. To do that, you have to arm yourself with the right tools and services. Sangfor Security Solutions Sangfor Technologies is a leading cybersecurity and cloud infrastructure provider. The range of advanced and integrated platforms and services offered by Sangfor will ensure that your organization – whether big or small – remains protected. Sangfor offers a variety of tools to boost your cybersecurity posture – including: Sangfor’s Next-Generation Firewall The Sangfor Next Generation Firewall (NGFW) is used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints. The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network. Anything that the on-premises features cannot analyze is automatically sent to the cloud-based Neural-X sandbox for isolation and critical inspection. Sangfor’s Endpoint Secure (EDR) This advanced Endpoint Secure technology provides integrated protection against malware infections and APT breaches across your entire organization's network – all with ease of management, operation, and maintenance. Sangfor’s Cyber Command Platform Finally, this Network Detection and Response (NDR) platform monitors for malware, residual security events, and future potential compromises in your network and is coupled with our advanced Threat Intelligence technology and an enhanced AI algorithm that can keep you updated on any vulnerabilities detected. Sangfor’s astounding capabilities have its reach in the UAE as well. Watch this interview with Mr. Jatin Doshi of Spollex Distribution who has partnered with Sangfor in Dubai for the last 2 years. The company made use of Sangfor’s efficient Next-Generation Firewall. Additionally, read the success story of another client of Sangfor’s based in the UAE who also made use of Sangfor’s Hyper-Converged Infrastructure (HCI) and Internet Access Gateway (IAG) solution. Make the smart choice for your company and choose Sangfor for a proactive approach to cybersecurity that will keep your network safe. For more information on Sangfor’s cyber security and cloud computing solutions, visit www.sangfor.com.   Contact Us for Business Inquiry

Or I’m No Fool with Weaponized AI Okay, I admit the title is clickbait to get you to read this article. There are articles about ChatGPT and its impact on civilization written daily, so I do not need to add to that body of minimal value. But weaponized artificial intelligence (AI) is a real-world problem and something that you need to be aware of. If you saw my interview with Gary S. Miliefsky, the esteemed publisher of Cyber Defense Magazine, on Cyber Defense TV, I talked about how advanced persistent threats (APTs) have weaponized AI by using it to check the environment the malware is running in to determine if the environment is conducive for attack. This is not theory or TV science fiction; this is real and has been happening for a while. Weaponizing AI Previously, the typical level of intelligence that malware had was to watch the system clock and activate the payload on a certain date and time. Next came detecting if the malware was running in a virtual sandbox. The AI could detect if specific hardware was available, and the malware would shut down if it was not. Threat actors have since developed AI modules that evaluate specific environmental conditions to determine if malware should activate. Environmental factors include the domain the system belongs to, user accounts on the system, determining if it is being run in a virtual sandbox, what security software is running, and if it is possible to disable it. That last check is very insidious as APTs can disable security software like Windows Defender. There exists in some APTs a powerful batch script called Defeat-Defender, which can shut down Windows Defender in any Windows system, prevent it from restarting, and hide the fact that it has been disabled so that the administrator is unaware. The APT will then go to sleep for a period of time, say two weeks, and then wake up to check if Defender has been re-enabled. If Defender has not been restarted, then the malware will continue its check to determine if it should activate. If Defender has been reactivated, then the APT will go back to sleep, never to return. ChatGPT and You Figure 1 Defeat-Defender (source: Sangfor Technologies) The best example of weaponized AI being leveraged is the infamous SolarWinds Supply Chain Attack. This attack targeted numerous organizations in the United States and Europe, including hi-tech companies, communications companies, banks, schools, and government departments. In December 2020, both FireEye and Microsoft detected lateral movement attacks that were later found to be a global operation. The attacks, attributed to threat group APT29, implanted malicious code into a core SolarWinds DLL file and distributed backdoor software through SolarWinds’ official website. Using a technique called Living off the Land (LotL), the malicious DLL is called using the valid signed executable, SolarWinds.BusinessLayerHost.exe, and thus considered a trusted process. Trusted processes are not scanned by security software. Once the malicious process was started, it began running a checklist of 9 environmental tests (see figure 2. SolarWinds Strict Environment Check) to see if it could activate undetected. Figure 2 SolarWinds Strict Environment Check Fighting AI with AI The effects on businesses attacked with weaponized AI are significant and include: Ransomware Infection: Attackers use weaponized AI attacks to bypass security systems, build connections with their command & control (C&C) server, and automatically download ransomware executables. Data Breach: Attackers splice sensitive data and append as hosts to computer-generated domain names and send these as DNS requests to their servers. The hostnames are reassembled into exfiltrated data. Assets Under Attacker Control: Attackers control assets for illegal activity (Cryptomining/DDoS as a Service, etc.) These cause disruption to business operations with great financial and operational impact. AI-enabled malware can breach and infect an organization within 45 minutes. No human incident response team can detect and respond quickly enough. Organizations need tools with purpose-built AI models looking for specific behaviors. General-purpose AI models do not have the fidelity to detect different types of intermittent behavior over long periods of time. Behavioral detection should include building baselines of network traffic, user behavior, and application behavior. The models would then identify anomalous deviations, alert, and use SOAR (security orchestration, automation, and response) to command security products to respond using automated playbooks. This reduces the time needed to detect and respond to an attack from days and weeks to a matter of minutes. Most organizations think that their security architecture is robust enough to combat APTs. Yet, ransomware is almost 100% successful, which means the most popular firewalls and endpoint protection are not sufficient to detect and block weaponized AI APTs, let alone go back and detect a breach. The next state-of-the-art security solutions must be AI enabled to detect the AI being used against them. The attackers may currently have the upper hand, but you can start evaluating new smarter tools to fight back.   Original article was published on the Cyber Defense Magazine.

A Top Global NDR Vendor Sangfor Technologies (300454.SZ) today announced its continued success in the Network Detection and Response (NDR) market. According to the latest Gartner® Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 4Q22 and 2022¹, Sangfor ranked among the Top 5 NDR vendors worldwide by market share in 2022 for its NDR product, Cyber Command. This latest recognition follows being named as a Representative Vendor for NDR in the 2022 Gartner Market Guide for Network Detection and Response², which we believe further underscores Sangfor's leading role in the global NDR landscape. We are immensely proud to be ranked among the world’s largest NDR providers for a second year running. Last year's results come on the back of a significant deterioration in market conditions caused by global economic downturn and instability. However, despite the hugely challenging circumstances, everyone at Sangfor rallied around one another to overcome difficulty after difficulty. This is what makes this result extra special and is a testament to the resilience and unwavering spirit of the Sangfor family. Jeremy Jia, President of Sangfor International Market Forecasted NDR Market Growth Global spending on NDR is forecasted to grow steadily in the coming years. According to Garter Forecast Analysis: Enterprise Network Equipment, Worldwide³, the worldwide NDR market was worth $1,403.9M USD in 2022, up 16% from $1,210.2M USD in 2021, with spending forecasted to grow at a CAGR of 12.1% between 2022-2027 to reach $2,488.2M at the end of the period. Sangfor Cyber Command Sangfor Cyber Command is a best-in-class Network Detection and Response (NDR) solution that helps organizations accurately detect and respond effectively to advanced and unknown security threats residing in their network. Cyber Command harnesses the power of artificial intelligence and machine learning to monitor and analyze network-wide traffic in real-time, identifying and alerting security teams to suspicious activity and anomalies. By providing unprecedented visibility of the network environment, Cyber Command empowers security teams to take rapid action to remediate hidden threats, attacks in progress, as well as risks and vulnerabilities. Cyber Command’s built-in SOAR module further enables security teams to automate response actions to detected threats, significantly minimizing the impact caused by security incidents. With Sangfor Cyber Command, organizations can transform from passive bystanders to active participants in their cyber defense and stay ahead of increasingly sophisticated threats of both today and tomorrow. To learn more about Sangfor Cyber Command product capabilities, use cases, demo videos, and success stories, please visit the Cyber Command webpage at www.sangfor.com/cybersecurity/products/cyber-command   Source [1] Gartner, Inc., Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 4Q22 and 2022, By Christian Canales et al., Published March 30, 2023, Revenue basis [2] Gartner Inc., Market Guide for Network Detection and Response, By Cybersecurity Research Team, Published December 14, 2022, listed as Sangfor [3] Gartner Inc., Forecast Analysis: Enterprise Network Equipment, Worldwide, By Christian Canales and Naresh Singh, Published May 3, 2023 Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.   About Sangfor Technologies Sangfor Technologies is an APAC-based, leading global vendor specializing in Cyber Security, Cloud Computing, and IT Infrastructure. Founded in 2000 and publicly listed since 2018 (STOCK CODE: 300454.SZ), Sangfor employs 9,500 employees, operates 60 offices, and serves more than 100,000 customers worldwide, many of them Fortune Global 500 companies, governmental institutions, universities, and schools. Visit us at www.sangfor.com to learn more about Sangfor’s solutions and let Sangfor make Your Digital Transformation Simpler and Secure.

Sangfor Technologies (300454.SZ), a leading global provider of integrated cybersecurity and cloud computing solutions powered by artificial intelligence, today announced that its Next-Generation Application Firewall (NGAF) earned a RECOMMENDED rating with outstanding  Security Effectiveness and has one of the lowest Price per Protected Mbps in Enterprise Network Firewall testing conducted by CyberRatings.org, a non-profit committed to delivering independent and objective testing of security product efficacy.  Sangfor has achieved consistently high ratings in testing over the past several years. They have a solid product that deserves consideration. Vikram Phatak, CEO of CyberRatings.org World-Class Security without Breaking the Bank According to CyberRatings.org, Sangfor NGAF 5300 provides remarkable cost-effectiveness, with the lowest 3-year TCO (including product purchase, product maintenance, vendor support, etc.) and ranking a close-second for Price per Protected Mbps among all the tested firewall products. This figure is derived from a combination of its high security effectiveness, a rated throughput of 5,782 Mbps, and the low 3-year Total Cost of Ownership (TCO). This proves Sangfor NGAF's excellent value for money, making it the top choice for businesses looking to optimize their security budget without compromising on quality. Outstanding Effectiveness Across Tested Categories CyberRatings.org's comprehensive evaluation of the Sangfor NGAF 5300 showcased the product's exceptional performance in the key areas of Threat Prevention, SSL/TSL Functionality, Stability & Reliability, and Routing & Access Control. The product's impressive AAA rating in three out of four categories underscores its ability to meet the highest standards and deliver excellent value to customers. Ratings Explained According to CyberRatings.org, "a product rated 'AAA' has the highest rating assigned by CyberRatings. The product’s capacity to meet its commitments to consumers is extremely strong." "A product rated 'AA' differs from the highest-rated products only to a small degree. The product’s capacity to meet its commitments to consumers is very strong." Threat Prevention: AA Rating Sangfor NGAF 5300 demonstrated exceptional efficacy in blocking vulnerability exploits and evasion techniques. It successfully prevented 98.26% of 1724 vulnerability exploits, with an impressive 99.4% success rate in client-initiated exploits and 97.5% in server-initiated attempts. Against 1482 evasion techniques, it blocked 100% of client-initiated evasions and 99.6% of server-initiated evasions, culminating in a 95.71% evasion effectiveness score after adjustment according to the weight of evasions. SSL/TSL Functionality: AAA Rating Firewalls must be able to scrutinize SSL/TSL payloads to detect malicious activity concealed by encryption. According to CyberRatings.org, Sangfor NGAF provides complete visibility into 10/10 of the most prevalent cipher suites and prevents 5/5 weak ciphers, making it an effective tool for detecting attacks that are disguised by encryption and those that are aimed at the encryption protocols themselves. Stability & Reliability: AAA Rating It is crucial for a firewall to maintain stability and security effectiveness even under hostile attack and operating under normal load. Any failure to do so could lead to successful breaches and network outages. In the case of Sangfor NGAF, it successfully passed all eight conditions when exposed to a constant stream of policy or protocol violations over an extended period, generating an alert for each detected attack. Routing & Access Control: AAA Rating Sangfor NGAF 5300 successfully passed all the routing and access control scenarios tested by CyberRatings.org. These assessments included complex multiple-zone configurations that support many users, networks, policies, and applications. The successful test results demonstrate NGAF's proficiency in managing and securing complex network environments. A Leader in AI-Powered & Integrated Security Sangfor Technologies is at the forefront of AI-powered and integrated security technology, continuously evolving its products to make security simpler and more effective for its customers.  Sangfor NGAF is the world's first AI-enabled next-generation firewall, powered by Sangfor's Engine Zero artificially intelligent malware detection engine and Neural-X AI threat intelligence platform. Engine Zero has been trained using millions of malware samples to detect unknown malware and zero-day attacks, while Neural-X TI enriches Sangfor NGAF with the latest IOCs and adversary tactics, techniques, and procedures (TTPs) to detect emerging threats. Sangfor takes integrated security to the next level with the Extended Detection, Defense and Response (XDDR) architecture, which seamlessly integrates Sangfor's entire range of security products, including NGAF, Cyber Command, Endpoint Secure, and Internet Access Gateway (IAG). This holistic security systems correlates events from across the network using purpose-built AI models and responds together to contain attacks and eradicate all threats.   Read the 2023 CyberRatings.org Enterprise Firewall report in full   Related Resources Discover Sangfor NGAF’s unique features and powerful capabilities by visiting the NGAF product page and reading through the NGAF product brochure. Find out what leading research firms have to say about Sangfor NGAF, including being recognized as a Visionary in Gartner® Magic Quadrant™ for Network Firewalls, a Strong Performer in Gartner® Peer Insights™ ‘Voice of the Customer’: Network Firewalls, and Forrester Now Tech reports for Enterprise Firewalls and Web Application Firewalls. Learn how customers have greatly benefited from Sangfor NGAF from customer success stories and testimonial videos, including from J&T Express, Bank Victoria, and the Royal Malaysian Customs Department.   Media Contact Sunny Sun +86 755 8656 0605 marketing@sangfor.com

Sangfor won the Visionary Cyber Security Company and Hot Company Extended Detection and Response (XDR) awards at the 11th Annual Global InfoSec Awards at RSAC 2023 Sangfor Technologies is proud to announce we have won the Visionary Cyber Security Company and Hot Company Extended Detection and Response (XDR) awards courtesy of Cyber Defense Magazine (CDM) which is the industry’s leading electronic information security magazine. Jeremy Jia, the President of Sangfor's International Market, has commented that Sangfor is honored to have received one of the world's most prestigious and coveted cybersecurity awards from Cyber Defense Magazine during its 11th anniversary as an independent cybersecurity news and information provider. “We knew the competition would be tough and with top judges who are leading infosec experts from around the globe, we couldn’t be more pleased,” Jeremy shared. The Hot Company Extended Detection and Response (XDR) award was a huge milestone for Sangfor as the XDR framework was used to integrate Sangfor’s security products long before it had a name. Sangfor’s eXtended Detection, Defense, and Response (XDDR) solution takes application control to the next level with its impressive features including application containment by integrating and correlating endpoints, containers, or workload application behavior with their respective behavior on the network. Sangfor annually makes heavy investments in innovative technologies for its security products – investing at least 20% of annual revenue in R&D to improve products and develop new solutions. This has allowed us to release state-of-the-art features like the only Endpoint Ransomware Honeypot, the first Next-Generation Firewall to embed AI for threat detection, the only Next-Generation Firewall with integrated WAF and releasing this year, the only Next-Generation Firewall with built-in true deception technology. Guy Rosefelt, Sangfor Chief Product Officer, receiving the Awards during the RSA Conference 2023 Sangfor Technologies embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution, and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach Gary S. Miliefsky, Publisher of Cyber Defense Magazine Sangfor is thrilled to be a member of this coveted group of winners and would be delighted to share our red-carpet experience with you. Easily join us to celebrate these incredible achievements by registering at the #RSAC RSA Conference 2023 at https://www.rsaconference.com/usa. About CDM InfoSec Awards This is Cyber Defense Magazine’s tenth year of honoring InfoSec innovators from around the Globe. Our submission requirements are for any startup, early stage, later stage, or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at www.cyberdefenseawards.com About the Judging The judges are CISSP, FMDHS, CEH, and certified security professionals who voted based on their independent review of the company-submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature, and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking “What’s Next?” so we are looking for best-of-breed, next-generation InfoSec solutions. About Cyber Defense Magazine Cyber Defense Magazine is the premier source of cyber security news and information for InfoSec professions in business and government. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories, and awards for the best ideas, products, and services in the information technology industry. We deliver electronic magazines every month online for free, and special editions exclusively for the RSA Conferences. CDM is a proud member of the Cyber Defense Media Group. Learn more about us at https://www.cyberdefensemagazine.com or visit https://www.cyberdefensetv.com and https://www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives. Join a webinar at https://www.cyberdefensewebinars.com and realize that Infosec knowledge is power. About Sangfor Technologies Since its formation in 2000, Sangfor Technologies has been a global leader in IT infrastructure, security solutions, and cloud computing. Constant innovation and dedication to creating value for our customers are the heart of our corporate strategy. Sangfor’s 9500+ employees take customer’s business needs and user experience seriously by servicing and supporting them at over 60 branch offices globally in exciting locations like Hong Kong, Malaysia, Thailand, Indonesia, Singapore, Philippines, Vietnam, Myanmar, Pakistan, UAE, Italy, Spain, Türkiye, and the USA. Sangfor has more than 100,000 satisfied customers worldwide - including Fortune Global 500 companies. Governments, universities, financial institutions, manufacturing, and many other industries trust us to protect them from the next generation of cyber threats and help them on their journey to digital transformation with future-proof IT infrastructure. Sangfor is also one of the only (if not the only) vendors that support end-to-end Zero Trust starting with authentication of user/device/application and providing dynamic authorization to both on-premises and cloud-based resources. We also pride ourselves on our excellent service. Customers enjoy fast 24x7 online support 365 days a year and personalized on-site service support from over 10,000 certified engineers at our three Customer Service Centers in Malaysia & China as well as local consultants in most of the countries we are located.   Sangfor Technologies Inquiries: Contact: Sunny Sun Email: marketing@sangfor.com Call: +86 755 8656 0605 Website: www.sangfor.com   CDM Media Inquiries: Contact: Irene Noser, Marketing Executive Email: marketing@cyberdefensemagazine.com Toll Free (USA): 1-833-844-9468 International: 1-646-586-9545 Website: www.cyberdefensemagazine.com   Guy Rosefelt, Sangfor Chief Product Officer, Interview with Cyber Defense Magazine 2023