Sangfor Endpoint Secure

The Future of Endpoint Security

Sangfor Endpoint Secure utilizes a different approach to defending systems from malware and APT threats compared to current next-generation Anti-virus (NGAV) or endpoint detection & response (EDR) solutions.


Endpoint Secure is part of a truly integrated cooperative security solution with Sangfor’s NGAF, IAM, and Cyber Command, providing a holistic response to malware infections and APT breaches across the entire organization's network, with ease of management, operation, and maintenance.  The solution is scalable to meet the needs of any organization needing on-premise management, cloud management, or a hybrid solution when it comes to endpoint security, protection, detection, and response.

Click Here to Watch the Video
Click Here to Watch the Video

About Sangfor Endpoint Secure - EDR Tools

Going forward, traditional endpoint security currently in use will have to be modified and updated, especially in the corporate world. With polymorphic malware being utilized in virtually all attacks today, the security solutions on offer that help with detection and response simply fall short of the mark.

With that in mind, the demand for endpoint security is expected to surge in the near future as forecasts indicate that damages from cyber security attacks and crimes are set to hit $6 trillion annually in 2021. With cyber security becoming increasingly vital in the digital age, the implementation of EDR tools will be more widespread to enhance security and protection. It will also go a long way in helping detect and respond to potential attacks in the future, making it an ideal security solution.

With endpoint security playing a greater role and being incredibly important now more than ever, it is essential to have the right EDR tools in place to combat cyber security attacks. Sangfor Endpoint Secure is the best endpoint security solution available and ensures that any security threats are curbed swiftly and effectively. This culminates into the corporate world being safer and better protected.

While safety is an essential feature of Sangfor Endpoint Secure, it doesn’t stop there as it goes above and beyond the call of duty to provide the ultimate in cyber protection. Whether this be stopping hackers in their tracks or laying the groundwork to avoid being held for ransom, Sangfor Endpoint Secure is paving the way for a safer tomorrow.

Sangfor EDR is one of the Cyber Forensics Tools

  • IT professionals can investigate any previous breaches to gain a better understanding of the security systems in place
  • Forensic tools can also be utilized to track down undiscovered or lurking threats in the system, such as malware

Works on any Operating Systems

  • Capable of being used across multiple operating systems, Sangfor Endpoint Secure provides premier EDR tools for security, protection, detection, and response. It can be utilized on Windows and Linux operating systems.

Virtualization for any cloud services

  • As a virtualized endpoint security solution, Sangfor Endpoint Secure is being used on many cloud services, including Tencent Cloud and Alibaba Cloud.

Proven Success Records

  • Sangfor has successfully resolved cyber security attacks or implemented measures to stop them from happening for some of the world’s biggest firms, such as Coca-Cola. For a more in-depth insight into the capabilities of Sangfor’s endpoint security, protection, detection, and response, please read the success stories above.
  • You can also watch the videos that best describe functions and operations of Sangfor's EDR Security Solution. 
  • Please download and share brochure and fact sheets and share with your colleagues for better understanding. Reach us out for more details. 

Awards & Achievements

AV-Test Certification

AV-Test Certification

Sangfor Business Antivirus Solution Receives AV-Test Top Award

Magazine CDM “Next Gen” Award icon

Magazine CDM “Next Gen” Award

Sangfor Endpoint Secure Won Magazine CDM “Next Gen” Award

Features and Capabilities

Multi-dimentional Response

  • Vulnerability scanning Patch management
  • Compliance monitoring, Asset tracking & rogue identification
  • Threat intelligence Disturbed multi-stage AI engines
  • One-click/automatic host micro-isolation, One-click/automatic file disposal/restore
  • Network-Wide threat desposal, NGAF/IAM/ Endpoint Integration

Simpler Smarter Monitoring

  • Scheduled or on-demand vulnerability and security policy compliance scanning
  • Vulnerability Scan results provide informative patch recommendations, including global threat correlation.
  • Compliance monitoring compares endpoint security configuration with organizational policies
  • Enterprise asset tracking
  • Malware sandbox in Endpoint Secure Manager for dynamic analysis
  • Endpoint Secure Protect Agent Ransomware honeypot capability

World-class Malware Analysis and Detection

Endpoint Secure does not just identify and block malware & APTs, it concentrates on the detection and response, ready to contain and mitigate that one breach WHEN it happens.

Operating Systems

redflag linux


sangfor cloud

Success Stories

Below you will find all the Success Stories of Sangfor, classified by Industry, such as Enterprises, Governments, Schools & Universities, etc.

J&T Express


J&T Express

Coca Cola Feature Image

Manufacturing & Natural Resources

Coca-Cola Security Recipe

J&T Express

J&T Express

Coca Cola Feature Image

Coca-Cola Security Recipe


Cyber Command Correlates with Endpoint Secure to Automatically Deal with Network Threat

Cyber Command Correlates with Endpoint Secure to Automatically Deal with Network Threat
Guy Rosefelt Interview with Cyber Defense Magazine 2022
The PC Security Channel Security Test for Sangfor Endpoint Secure
Let Sangfor Protect you Against Ransomware
Sangfor Cloud-Firewall-Endpoint Integrated Solution

Latest Blog

latsest webinars img
Cyber Security

Healthcare Data Security: How to Prevent Ransomware in Healthcare

The healthcare industry has made incredible leaps in technological advancements – straining itself to stay ahead with innovative and intelligent software. Deloitte estimates that 70% of medical devices will be connected by 2023 - with healthcare agencies taking more advanced steps, such as implementing smart technology like IoT. However, with these strides taken, the threat of ransomware attacks has become even more prevalent, especially within Asia. Cybersecurity has not always been at the forefront of issues concerning the healthcare industry but the Covid-19 pandemic showed the vulnerabilities of having enhanced tech within such a crucial field. After the release of the INTERPOL 2021 ASEAN cyberthreat assessment report, INTERPOL’s Director of Cybercrime Craig Jones said that “the COVID-19 pandemic has accelerated digital transformation, which has opened new opportunities for cybercriminals.” The same report also stated that within the ASEAN region hospitals in Indonesia and Thailand have also fallen victim to cybercrimes. Healthcare organizations are implored to deploy better cybersecurity and healthcare data security measures within their facilities as it may very well be a matter of life and death if not. Ransomware Used Against Healthcare Data Security Most cyber-attacks against the healthcare industry are in the form of ransomware threats. It's a type of malware that prevents users from accessing their system, either by locking the system's screen or by locking users' files unless a ransom is paid to the criminals. Modern ransomware - collectively categorized as crypto-ransomware, uses encryption and forces users to pay the ransom through specific online payment methods to receive a specific decryption key to unlock their data. While it’s reasonable to assume that such an essential and life-affecting sector would be left out of the grasp of cybercriminals, a new sectoral survey report by Sophos revealed a 94% increase in ransomware attacks on the healthcare industry, as reported by Techwire Asia. The question then begs, why are hospitals being targeted at all? Why Target Healthcare Data? The general idea of maintaining a strict cybersecurity presence and healthcare data security within the healthcare sector is to maintain the confidentiality and integrity of critical patient data. This Maryville University article upholds that healthcare cybersecurity focuses on preventing attacks by defending systems from unauthorized access, use, and disclosure of patient data. There are many reasons these facilities come under perilous attack from ransomware: Faster Ransomware Response Cybercriminals already know that these institutions are usually strained under enormous pressure and are therefore more likely to pay the ransom amount faster in order to gain access to their systems. Doctors and nurses simply cannot afford to risk the lives of others in trying to negotiate terms of ransom and opt to pay them off immediately. Overwhelmed Resources Cyber-criminals prefer to take advantage of hospitals in dire constraints that are pushed beyond capacity. This was seen in the vaccine booking system ransomware attack in Italy that halted essential Covid-19 vaccine distribution. Times of crisis in the healthcare industry act as the perfect breeding ground for malware attacks, thus leading to compromised healthcare data security. Outdated Equipment While most healthcare industries have pushed to digitalize their infrastructure, a startling amount of these facilities still rely on legacy technology - risking patient data and critical hospital functions with the use of inefficient equipment. Resistance to Cloud Technology The idea of change can be daunting and this is no different in the healthcare industry when it comes to updating IT infrastructures to a cloud platform. According to a report done by ClearDATA, smaller healthcare providers may have fewer resources to manage the complexity of cloud migration and healthcare data security and are more likely to identify it as a barrier. Interest in Data Mining The growing surge of ransomware is being used to infiltrate and compromise healthcare data security and has become a major point of reference for these attacks – with criminals looking to gain access to patient files in order to release them onto the dark web to the highest bidder. These are only some of the reasons but Sangfor Technologies goes into more detail about the reasons why healthcare industries may be targeted in a blog article. The Effects of Healthcare Industry Ransomware Attacks The effects of cyber-attacks on the healthcare industry are critically damaging, especially when considering the implications globally. Due to the advanced technological strides made within the healthcare system, reliance on technology for most practical and administrative procedures will be affected and frozen by a ransomware attack. Some real-life examples of these ripple effects can be categorized as follows: Life Endangerment Naturally, the first line of consequence when a cyber-attack is launched against any healthcare facility would be the immediate danger posed to human life. When a ransomware attack is in progress, access to life-saving machinery and technology is halted – risking the lives of patients. There are 2 incidents of death caused by ransomware attacks on hospitals in recent years. As proven in the harrowing case reported by the Wall Street Journal of a newborn baby delivered at the Springhill Medical Center in the USA – whose IT system suffered a recent ransomware attack. The baby passed away shortly after birth when the machinery needed to detect any health issues was rendered obsolete due to the cyber-attack. Financial implications In August 2022, St. Charles Health System overpaid 2 million dollars to 2,358 employees. This comes after the hospital was prevented from accessing timecard data for months after a cyber-attack in December on the Ultimate Kronos Group – a company responsible for scheduling, timekeeping, payroll, and human resources data. St. Charles is now demanding repayment from the employees. This is just one example of the devastating ripple effects on people’s lives and livelihoods that ransomware attacks hold on the health industry. This ransomware attack on Kronos affected numerous other organizations financially as well. Patient Confidentiality When ransomware attacks take place, the data that is hijacked and encrypted can also be leaked onto the dark web – risking the sensitive information of thousands. A recent example of this was when Practice Resources LLC notified 28 healthcare entity clients that 942,000 of their patients’ sensitive information was compromised in a ransomware attack in April. The New York-based management and billing vendor said in their incident report that hackers may have obtained names, home addresses, dates of treatment, and internal account numbers. Another incident of this kind was in Indiana when Goodman Campbell Brain and Spine admitted in a report that they were the victims of a ransomware attack that resulted in the release of almost 363,000 patient files being leaked onto the dark web. The Texas Methodist McKinney Hospital also reported a cyber-breach in their systems in July of this year. These incidents prove that an unstable cybersecurity system in healthcare can snowball into affecting every client in your facility’s system log. What Solutions Are There to Maintain Healthcare Data Security? We can understand the tumultuous implications of ransomware on entire industries, with entire nations sometimes falling prey to this line of attack, as in the case of the ransomware attack in Costa Rica. However, the debilitating effects of these ransomware attacks hold a significantly higher toll on the healthcare industry and the security of healthcare data as a whole. So how do we combat these threats and maintain healthcare data security? Some general security solutions to note would be to: Hire expert cybersecurity service providers to perform full security assessments. This will help you understand and take the necessary actions to improve your organization’s state of security. Leverage a security partner and resources that supplement your organization and improve your technology. Use a cybersecurity vendor that has excellent threat detection and response. Outsource part of or all network security operations and maintenance to a security service vendor through a Managed Security Service (MSS). The Sangfor Solution for Healthcare Ransomware Attacks Sangfor Technologies is a world-class cybersecurity and cloud computing company that offers intensive and advanced enterprise ransomware prevention and state-of-the-art IT infrastructure for the healthcare industry. Ransomware detection and avoidance have never been simpler with this integrated solution that pieces together several advanced Sangfor products: Next-Generation Firewall (NGAF): Sangfor’s ransomware solution uses an advanced network security firewall for comprehensive and integrated surveillance and protection of your entire security network with help from Endpoint Secure to root out any malicious threats. Sangfor Managed Cloud Services: Sangfor’s Managed Cloud Services makes the transition to cloud infrastructure simplified and secured. It allows your organization to use integrated cloud technology to stay updated and ahead while the Hyperconverged Infrastructure ensures that your cloud computing is fully optimized by converging compute, storage, networking, and security on a single software stack. Sangfor’s Internet Access Gateway: Effective Ransomware protection requires a secure web gateway that defends company resources by allowing you to identify, analyze, and take immediate action upon user internet access behavior. In addition, it allows you to discover intelligent network traffic solutions to take full control from within. Cyber Command: The groundbreaking network detection and response solution from Sangfor provides automated responses to threats – with AI and machine learning technology to help your company isolate, analyze and eliminate potential threats before they can infiltrate your system. Sangfor’s Security Solution for Ransomware is the only complete, holistic security solution to prevent and mitigate ransomware attacks in real-time. No other anti-ransomware prevention tool can impact every step in the ransomware kill chain and no other solution is modular enough to be tailored to the requirements and budget of an organization. Sangfor provides tangible solutions for ransomware affecting healthcare data security in an automated and simplified manner – allowing doctors and nurses to focus on saving lives while we protect your data. Read the success stories of our satisfied customers in the healthcare industry, such as Mariano Marcos Memorial Hospital and Medical Center and Zhongshan Hospital, or contact us for more information.   Contact Us for Business Inquiry

Cyber Security

How Supply Chain Cyber-Attacks Are Squeezing Businesses

The 21st century has led many companies to push towards advanced logistics and technology infrastructure in order to keep up with an expanding digitalized climate. The strides made within the global shipping industry have been extensive. The rapid increase in modernized technology however came with the risk of vulnerability from newer and more dangerous cyber threats. The world relies on supply chain ports and shipping company industries for manufacturing, obtaining raw materials, and the delivery of products. Corporations lean heavily on the integrity of the supply chain to keep their businesses running efficiently - even the slightest disruption to the supply chain can have devastating ripple effects. Due to this glaring vulnerability, shipping ports have now become the target of many supply chain cyber-attacks, and companies must now face a reality where entire supply lines can be crippled by a click of a button. Why Target Shipping Ports? The amount of traffic that most shipping ports see within a day is staggering, to say the least. Container News notes that with most of the largest and busiest container ports found in Asia, the continent is a crucial part of the global supply chain. The networks of most modern freight infrastructure depend on connectivity to remain at the forefront of technology. Supply chain ports require more advanced structures and opt to digitalize the entire framework of operation - from navigation, design requirements, and distribution to production schedules, invoicing, and payments. With all these features suddenly cloud-based and non-tangible, every step forward becomes a step towards vulnerability to multiple cyber-threats. The Effects of Supply Chain Cyber Attacks The trickle-down effects of a supply chain cyber-attack can have devastating effects – not only on companies but entire economies. A simple malicious software could halt the production process of an entire nation by simply targeting the ports they operate from. The Port of Los Angeles executive director Gene Seroka told Sam Fenwick at the BBC that the number of attacks targeting the port is now around 40 million monthly. Fenwick reported that “they face daily ransomware, malware, spear phishing, and credential harvesting attacks, with the aim of causing as much disruption as possible and slowing down economies.” Cyber-attacks on ports push to cause as much disturbance to the supply chain as possible by targeting the vulnerable software of ships. In a rush to modernize, most companies neglect the security aspects of their installed systems and leave themselves open to a number of vicious malware. What Happens When Supply Chains to Ports are Disrupted? Supply chain blockages have a domino effect on multiple industries - from raw material transportation to end product delivery. Published as part of the ECB Economic Bulletin, it’s suggested: “that supply chain shocks account for around one-third of the strains in global production networks.” The effects of the Covid-19 pandemic alone served as a visceral reminder to industries and consumers alike that the consequences of supply chain interferences have far-reaching and lasting effects. When shortages of supply occur, the repercussions spill over into every sector. Financial losses The financial fallout of halting a supply chain is met with the most apprehension. Companies face extensive fiscal backlash after supply chain cyber-attacks hinder supply/demand - from paying off ransoms to consumer litigation costs and the overall loss of production. Cybersecurity Ventures estimates that globally cybercrime will cost $10.5 Trillion annually by 2025. The 2017 Maersk NotPetya ransomware attack showed substantial financial consequences when the shipping giant froze worldwide logistics operations, costing the firm up to $300 million in damages. The possible financial impacts were demonstrated by the University of Cambridge Centre of Risk Studies (CCRS) in the publication of “Shen attack” – a report created based on the hypothetical scenario in which a computer virus carried by ships scrambled the cargo database records of 15 major Asia-Pacific ports - leading to dire effects on the global economy. The report found that economic losses from the theoretical disruption would lead to losses ranging from an estimated $40.8 billion to $109.8 billion. Consumer Price Hikes Supply chain disruptions also affect inflation - pushing the prices of essential goods and materials to alarming levels. The problem is in the supply being unable to meet demand - making the cost to consumers skyrocket with every delay. Production Expenditure While consumers do bear the brunt of supply chain disruptions, there is a drastic increase in production costs possibly as a result of being directly exposed to the damage. Supply chain cyber-attacks such as the one on energy giant Shell forced them to reroute oil supplies after malware affected their systems, similar to the Colonial Pipeline incident which also saw the halting of production. Other countries such as Belgium and the Netherlands endured cyber attacks on their ports as well – resulting in huge supply line gridlocks. Shortage of materials and services A supply hindrance also affects the availability of resources and cuts down on manufacturing. Supply chainvcyber-attacks slow down the supply of services and materials – which is what happened to car manufacturing giant Toyota which suspended production after a key supplier in Japan was hit with a ransomware attack. What Causes Cyber-Threats to Supply Chains? Most causes of supply chain cyber-attacks stem from a basic lack of knowledge but it is not the only cause of the surge in cyber-crime against shipping companies. Increased Cyber Facilities The amount of information and leverage that can be used against companies pulled from vulnerable networks is astounding. Many hackers, and even governments, find it strategically more convenient to destabilize organizations through cyber-attacks – procuring sensitive information, ransoms, and generally disrupting supply chain port operations. Sophistication of Malware The dramatic development in technology comes with its own negative reflex of having equally, if not more advanced, cyber-threats to face. Supply chains now come under direct attack from types of malicious software that have worse implications and faster rates of infection. Remote Work Since the Covid-19 pandemic, the escalation of remote working environments has put a toll on supply chains as well. With more people needing tablets, laptops, and other products to create an in-home workplace - the surplus of product needs has bottlenecked supply chain ports globally. In pushing to virtualize operations, many companies tend to neglect security protocols – inviting in cyber-threats. This vulnerability still exists even within the hybrid work model - which is a blend of both in-person and remote working structures. Larger companies may have the resources to cope with these cyber attacks, but smaller businesses or systems accessed on home-based computer systems may find themmuch more difficult to thwart. The complexity of Cloud Infrastructure Many companies fail to push toward cloud computing infrastructure as they find the operation and management of cloud technology daunting. This allows the risk of on-site servers being compromised and a dangerously low level of security – leaving the company and supply chain vulnerable to cyber-attacks. Lack of Expertise The general complacency of production and consumer-driven logistics also plays a huge role in these disruptions. Supply chain cyber-attacks depend mostly on human error and lack of preparation. Arina Palchik, the global commercial director of remediation at NCC Group has advised that “specific areas for improvement include clarity around responsibility for preventing, detecting, and resolving attacks.” It has never been more necessary to implement sound cybersecurity and IT infrastructure in your organization to avoid the risk of any supply chain cyber-attack. This is where Sangfor steps in. Recognized in Forbes China 50 Most Innovative Companies 2022, Sangfor is dedicated to ensuring your cyber security needs are met. How Do We Prevent Supply Chain Cyber-Attacks? The risk of supply chain cyber-attacks is forever imminent and while we should remain optimistic, the threat to supply chains from cyber-criminals is too high to risk your company. We’ve seen how even the slightest disruption to supply chains can have overwhelming consequences in numerous ways, so how can businesses help secure themselves from cyber-threats against their supply chain? Apply Supply Chain Risk Management The supply chain is a very delicate and dynamic operation which requires applied assessment and engagement to ensure it runs smoothly. Dedicate your company’s resources to monitoring and disarming potential threats to the supply chain – from supply chain ports to the delivery logistics. Building Up a Safety Stock A safety stock is the additional products held in the inventory to null the consequences of potential supply chain disruptions. It acts as a buffer for your company in the event of a supply chain cyber-attack – ensuring sales and distribution do not halt if the supply chain does. Diversifying Manufacturers and Suppliers Supply chain cyber-attacks stand to break down entire production lines from attacking a single port. Relying on a single manufacturer for key components might result in catastrophe – invest in different supply partners to avoid the risk of cyber-attacks on supply chain ports destabilizing production. Investing in Better Technology The type of technology that a company uses is its biggest vulnerability – with outdated and lax security systems that act as the perfect doorway for cyber-attacks to debilitate your company’s software infrastructure. Breaches in security are a loss of credibility in the public eye and risks losing consumers to organizations better equipped to deal with cyber-attacks. Sangfor prides itself in being a leading cloud computing and cyber security provider and will ensure your company and assets are protected in the case of a supply chain cyber-attack. In Closing: What Solutions are Provided by Sangfor? Sangfor prides itself on being a leading cloud computing and cyber security provider. With advanced cloud infrastructure and managed cloud computing facilities, Sangfor takes the pressure off clients to build and maintain world-class data centers by providing the services needed to take your operation to new digital heights. While Sangfor is at the forefront of technology – they can also understand that with every advancement, the cyber-threat increases as well. Sangfor provides the most encompassing and dedicated security for all your company’s needs: Sangfor’s Cyber Security Solutions Sangfor’s Next Generation Firewall provides a holistic view of the entire organizational security network - with ease of operation and maintenance for administration. Sangfor’s Endpoint Secure is the best endpoint security solution available and ensures that any security threats are curbed swiftly and effectively. Cyber Command is the next-generation, AI-driven Network Detection and automated threat response platform that helps businesses identify threats and hunt them down. Sangfor’s Anti-Ransomware Solution impacts every step in the ransomware kill chain and is modular enough to be tailored to the requirements and budget of an organization. Sangfor’s SASE offers simple product implementation with real-time cloud-based incident response, active incident alerts, and one-click handling. Sangfor’s Extended Detection Defense and Response (XDDR) directly coordinate responses between Sangfor and some 3rd party products together using Cyber Command to integrate threat information - uncovering hidden threats to on-site or remote employees. Sangfor’s Incident Response: provides a full scope of all compromises, identifying every aspect of how an attack occurred. Sangfor’s Hyper-Converged Infrastructure Reliance on platforms such as Sangfor’s Hyper-Converged Infrastructure (HCI) provides backup and data protection in the case of cyber emergencies. While measures of security can be taken - in the case that threats bypass systems, having reliable infrastructure and support is just as important as having strong security. In a drastically changing world of cyber-crime and technology threats, Sangfor aims to provide maximum security against supply chain cyber attacks and provide you with peace of mind. Find out more on the Sangfor website.   Contact Us for Business Inquiry

Cyber Security

Cyber Attack in Hotel Industry Strikes the IHG

The Hospitality industry has always strived to stay ahead with technology – expanding its reach across borders with advanced IT infrastructure to manage a seamless and efficient experience for holidaymakers, businesspeople, and regular travelers alike. Relying on technology for almost all administrative needs in accommodation raises crucial security concerns about the data safety of guests. The InterContinental Hotel Group is no stranger to this scrutiny after suffering a cyber-attack in early September of 2022. Although it is not confirmed that it was a ransomware attack, most of the speculation points in that direction. Holiday Inn Hotel Cyber Security Incident Source: The hospitality conglomerate, InterContinental Hotel Group (IHG) manages 17 of the world's largest hotel chains – including the Regent, Crowne Plaza, Holiday Inn, and Candlewood Suites, to name just a few. IHG boasts the running of 6,028 hotels with 882,897 rooms in more than 100 different countries. The company confirmed that the Holiday Inn Hotel subsidiary of IHG was hit by a cyber-attack and in a statement released by the IHG, they reported “that parts of the company’s technology systems have been subject to unauthorized activity.” While the IHG did not say in the press release that there was any loss of client data, the systems for “booking channels and other applications have been significantly disrupted.” Attempts to book a room online through the IHG Kimpton and Holiday Inn websites were unsuccessful according to Forbes. IHG maintains that they are working to fully restore all systems as soon as possible and to assess the nature, extent, and impact of the incident. The hospitality colossus is not new to the cruelty of cyber-attacks - finding malware in their systems in April of 2016. The attack affected 1,200 of its hotels in the United States who were victims of a three-month-long cyber-attack that compromised the card data of guests and saw the IHG settling to a $1.5 million class action lawsuit in 2020. More recently, the Lockbit ransomware gang claimed last month that it had stolen data from the Holiday Inn branch in Istanbul. Recent strings of ransomware attacks have pushed the general public and corporations to reconsider their cyber security needs this year. Several public sector organizations in the United States suffered attacks in June and there has been a noticeable rise in ransomware attacks all across Asia. The trend of ransomware attacks this year has escalated noticeably. Notable 2022 Ransomware Attacks  Nvidia, the world’s largest semiconductor chip company, was compromised by a cyber-attack in February of 2022. The California-based company confirmed that the threat actor had started leaking employee credentials and proprietary information online. Lapsus$ - a hacking gang, took responsibility for the attack and claimed they had access to 1TB of crucial company data then demanded a $1 million ransom and a percentage of an unspecified fee from Nvidia. Lapsus$ also claimed the credit in January for the ransomware attack on Impresa - which is Portugal’s largest media conglomerate. Another devastating ransomware attack affected the entire country of Costa Rica. The Conti Ransomware Attack halted the economy of the Central American country - affecting several branches of government and the public sector at large. A national state of emergency was declared on May 8th by the president. Likewise, the media giant Nikkei Group’s Singapore-based headquarters was the victim of a ransomware attack in May of 2022. When unauthorized access to their internal server was noticed, the company discovered the breach and stated that it was likely that customer data has been affected. Back within the hospitality industry, DataBreaches reported that Marriott Hotels had been hit by the third cyberattack in four years in July. The cybercriminals gained access to 20GB of data - including credit card information and internal company documents. Hotel industries are targeted by cyber-criminals due to the vulnerability of guest information and inadequate cybersecurity in place. A blog post adds that hotels are frequent targets of data breaches due to online bookings and the processing of numerous credit card payments – making their IT systems an attractive weakness. Hospitality corporations may come under even more severe ransomware attacks due to this vulnerability. People let their guard down when traveling and rely on their lodging for dependable and secure services, therefore it should be the responsibility of hotel industries to deploy stringent cybersecurity measures to assure guests that their personal information will never be compromised. This is where Sangfor Technologies shines – offering state-of-the-art protection from all types of malware.  Sangfor’s Tools to Prevent Ransomware Attacks Sangfor’s solution for ransomware is the only complete and holistic security measure to prevent and mitigate ransomware attacks in real time. By integrating key products and services within Sangfor’s cybersecurity toolkit, your company can sit back and allow advanced and automated technology to safeguard your company’s and your guest’s data. Sangfor’s Anti-Ransomware provides an innovative strategy that successfully mitigates ransomware attacks by breaking every step in the kill chain – providing encompassing protection and using Sangfor’s Engine Zero with multi-stage AI analysis capabilities to detect anomalies. Sangfor’s Next Generation Firewall (NGFW) is used in conjunction with Endpoint Security to identify malicious files at both the network level and endpoints. The advanced firewall is a security device designed to inspect network and application traffic for threats, secure the network environment from intrusion, and bring in security intelligence from outside the network. Anything that the on-premises features cannot analyze is automatically sent to the cloud-based Neural-X sandbox for isolation and critical inspection. Incident Response is a Sangfor service geared towards flexible, fast, and effective elimination and prevention of cyber-attacks. The focus of incident response is locating and eradicating threats while implementing active disaster recovery and providing tailored analysis to help safeguard your company from future cyber-attacks. Sangfor understands that the strongest test of whether an incident response plan is strong is the organization’s ability to recover from the incident. Additionally, Sangfor’s Disaster Recovery Management provides a full range of disaster recovery solutions. This is based on the customer’s Recovery Time and Recovery Point Objective requirements in a simple, resilient and manageable way. Companies should make the continuity of their business a pivotal point despite any cyber-attack trying to halt operations. As such, Sangfor’s Disaster Recovery has key features in place to ensure this can happen seamlessly without any data loss.  Lastly, the Sangfor Cyber Command (NDR) Platform helps to monitor malware, residual security events, and future potential compromises in your network. The Cyber Command solution is coupled with Threat Intelligence and an enhanced AI algorithm to keep you updated with any vulnerabilities in the system and any threats detected.  Companies can make use of Sangfor’s cybersecurity solutions to ensure a fully guarded IT infrastructure and can conduct regular cyber security management to alleviate risks. The hotel trade can now take a break as well knowing that Sangfor’s advanced and integrated security solutions will provide efficient and effective protection against ransomware. Browse through the Sangfor Ransomware Protection Best Practices brochure and the Sangfor Ransomware Response Playbook brochure for more information on the detailed and clinical precision of Sangfor’s anti-ransomware solutions. For more information on Sangfor’s cyber security and cloud computing solutions, visit   Contact Us for Business Inquiry

Latest News

latest news img
Press Release

AV-Test Certified Ransomware Protection with Sangfor Endpoint Secure

Sangfor Endpoint Secure Achieves 100% Ransomware Protection Sangfor is excited to announce that Sangfor Endpoint Secure achieved 100% ransomware protection in the Advanced Threat Detection Test conducted by AV-Test, one of the world's leading independent test institutes for IT security products. In the Advanced Threat Detection Test, Sangfor Endpoint Secure scored a maximum of 40 points and was awarded the “Advanced Approved Endpoint Protection” certificate. The latest AV-Test certification follows on from the AV-Test “TOP PRODUCT” award received in recognition of Endpoint Secure’s 100% protection against hundreds of 0-day attacks and thousands of newly-discovered malware.  RaaS Heightens the Urgency for Ransomware Protection The Advanced Threat Detection Test report by AV-Test notes that Ransomware-as-a-Service (RaaS) is gaining traction, a trend also reported in Sangfor’s Global Ransomware Trends Report. RaaS is essentially a ransomware-for-hire model that allows non-specialists to take part in ransomware attacks. Sangfor has data proving this criminal business model has contributed to an increase in recent ransomware attacks and likely more in the future. It is imperative for organizations to adopt robust ransomware protection to safeguard their business.  The Advanced Threat Detection Test from AV-Test provides organizations with objective and authoritative research into the effectiveness of ransomware protection software on the market.  Advanced Threat Detection Test by AV-Test The Test The Advanced Threat Detection Test evaluated 34 endpoint security products from market-leading vendors, including Microsoft, McAfee, Trend Micro, and Sangfor. The 34 products were further divided into 17 consumer solutions and 17 corporate solutions. The Test Scenarios Each security product was tested against 10 realistic ransomware attack scenarios on Windows operating systems. One attack involves a spear phishing email with a zip attachment that contains an executable file. The file launches immediately upon unzipping, and the ransomware starts to encrypt the system using a series of steps called a kill chain. AV-Test mapped each kill chain step of the ransomware attacks to the MITRE ATT&CK Framework (see Figure 1 for an example).  Figure 1. Ransomware Scenario 01 in the Advanced Threat Detection Test, Courtesy of AV-Test The Scoring Criteria According to AV-Test, an attack is considered thwarted if the security product detects and stops ransomware in one of the first two steps (Initial Access or Execution). Four points are awarded for complete ransomware detection and defense, meaning a maximum of 40 points for 10 scenarios. Points are deducted for non-detection, partial detection (ransomware manages to encrypt files), or if the ransomware threat remains on the system. AV-Test color-coded the attack steps to help readers quickly evaluate the performance of security products in each scenario (see Figures 2-3 for examples): Green (detected and attack stopped) Yellow (detected but not completely blocked) Orange (no detection) Figure 2. Sangfor Endpoint Secure’s performance in Scenarios 01-06 Figure 3. Sangfor Endpoint Secure’s performance in Scenarios 07-10 The Test Results Out of the 17 consumer solutions, 12 products were awarded the maximum 40 points.  Out of the 17 corporate solutions, 12 products were awarded the maximum 40 points, including Sangfor Endpoint Secure, proving that Sangfor Endpoint Secure is one of the best ransomware protection solutions on the market.  To learn more about the Advanced Threat Detection Test, visit the official AV-Test website to read the test report in its entirety. Ransomware Protection with Sangfor Solutions Sangfor Endpoint Secure is a powerful Endpoint Detection and Response (EDR) solution that goes beyond traditional anti-malware and antivirus software. Sangfor Endpoint Secure leverages Sangfor’s proprietary Engine Zero AI malware detection engine and Neural-X threat intelligence platform to deliver unrivaled malware protection for endpoints.  Sangfor Endpoint Secure is built with innovative anti-ransomware tools, including the world’s first and only endpoint ransomware honeypot, which quickly detects and kills the ransomware encryption process, minimizing any damage to the system. The encryption controlling application is also identified and then located on other infected systems allowing “One-Click Kill” to eradicate the detected ransomware throughout the organization with just a single mouse click. Sangfor NGAF - Next Generation Firewall (NGFW), Sangfor IAG, Sangfor Cyber Command, and Sangfor Endpoint Secure integrate together as part of  Sangfor’s Anti-Ransomware solution. With security deployed at the perimeter, endpoint, and network, Sangfor’s Anti-Ransomware is a holistic solution that breaks every step of the ransomware kill chain. Sangfor Anti-Ransomware is a modular solution that can be tailored to meet the ransomware protection requirements of any organization.  Visit the Sangfor Anti-Ransomware webpage to find out how Sangfor keeps customers safe from ransomware infection. To learn more about ransomware attacks and how they work, read our glossary article that gives you a good overview of ransomware attacks. Figure 4. Sangfor Anti-Ransomware Solution About Sangfor Technologies Sangfor Technologies is an APAC-based, leading global vendor specializing in Cyber Security, Cloud Computing, and IT Infrastructure. Founded in 2000 and publicly listed since 2018 (STOCK CODE: 300454.SZ), Sangfor employs 9,500 employees, operates 60 offices, and serves more than 100,000 customers worldwide, many of them Fortune Global 500 companies, governmental institutions, universities, and schools. Visit us at to learn more about Sangfor’s solutions and let Sangfor make Your Digital Transformation Simpler and Secure.   Contact Us for Business Inquiry


Sangfor Ranks in Forbes 50 Most Innovative Companies in China

Sangfor Named in 50 Most Innovative Companies by Forbes China Sangfor Technologies is very honored to announce that it has been recognized in Forbes China 50 Most Innovative Companies 2022. Sangfor has been a mainstay in this prestigious annual publication, having ranked in the 50 Most Innovative Companies for four consecutive years and is one of five companies in the Software Services category in 2022. Sangfor is continuously breaking ground in cyber security and cloud computing and the listing reaffirms our unwavering commitment to delivering the world’s most innovative and transformative technologies to help our customers thrive. The latest publication commented that technology companies have shown technological optimism amid global antitrust sentiment, cultural isolation, and downside risks. During the selection process of the most innovative companies, Forbes discovered more technological breakthroughs and accomplishments compared to previous years. “We are immensely proud once again to make it into the top 50 Most Innovative Companies,” says Kaden Zhang, President of Sangfor International Market. “Innovation is the lifeblood of this company. It is ingrained in our corporate culture and is what drives us to forward even in the face of adversity. That is why I am thrilled by the construction of our sixth R&D center, which will take our product innovation capabilities to a whole new level.” Source: About Sangfor Sangfor Technologies is an APAC-based, leading global vendor specializing in Cyber Security, Cloud Computing, and IT Infrastructure. Founded in 2000 and publicly listed since 2018 (STOCK CODE: 300454.SZ), Sangfor employs 9,500 employees, operates 60 offices, and serves more than 100,000 customers worldwide, many of them Fortune Global 500 companies, governmental institutions, universities, and schools. Visit us at to learn more about Sangfor’s solutions and let Sangfor make Your Digital Transformation Simpler and Secure.   Contact Us for Business Inquiry

Press Release

Gartner Hype Cycle for ICT in China 2022. Sangfor Recognized as a Sample Vendor.

Sangfor Technologies Recognized as a Sample Vendor in Gartner® Hype Cycle™ for ICT in China, 2022 Sangfor Technologies recognized as a Sample Vendor under multiple technologies mentioned in the Gartner Hype Cycle for ICT in China, 2022[1] report, published 26 July 2022. About the Gartner Hype Cycle for ICT in China, 2022 This Gartner Hype Cycle report assesses 28 of the most relevant and innovative information and communication technologies (ICT) in China today. Each technology is rated on their business benefit, market penetration, and maturity level while other key information such as the technology’s drivers, obstacles, user recommendations, and a list of Sample Vendors are provided. The Hype Cycle is intended to help CIOs "identify technologies to help manage IT rationalization and seize digital business opportunities." Sangfor is excited to be included as a Sample Vendor for the following technologies: Secure Access Service Edge (SASE) Hyperconverged Infrastructure (HCI) Cloud Security in China We believe our inclusion in these technologies confirms us as one of the trusted vendors for cloud computing and cyber security in China. Learn More about the Technologies and Sangfor Products Secure Access Service Edge in the Hype Cycle for ICT in China Business Benefit Rating: Transformational Market Penetration: 5% to 20% of target audience Maturity: Adolescent (2-5 years till mainstream adoption) Secure access service edge (SASE) has been rated as transformational in business benefit—the highest rating. Specifically, the report notes that SASE in China "supports branch office, remote worker, internet and cloud access security, low latency access to cloud, use cases" and " a key enabler of digital business transformation, increasing visibility, agility, resilience and security by using a platform approach to delivery services rather than a siloed approach." Sangfor Access (SASE) Sangfor Access is our SASE solution that converges network and security capabilities into an integrated service through the cloud. Sangfor Access provides a cohesive suite of security features, including NGFW, SWG, ZTNA, CASB, VPN, and more. Security gaps are eliminated by the unified delivery of security protection irrespective of user location. This makes Sangfor Access the perfect solution for organizations needing secure access to both cloud workloads and the Internet for branch and remote users. With Sangfor Access, internet-bound traffic undergoes security inspection and policy enforcement at the cloud edge as opposed to being backhauled to the security stack in on-prem data centers. This offers many benefits such as improved user experience due to lower latency and reduced operations complexity and costs due to vendor consolidation and lower data center footprint. Visit the Sangfor Access webpage to learn more about our SASE solution, including features and capabilities, advantages, use cases, and brochure. Hyperconverged Infrastructure in the Hype Cycle for ICT in China Business Benefit Rating: High Market Penetration: 20% to 50% of target audience Maturity: Early mainstream (0-2 years till mainstream adoption) The Hype Cycle recognizes hyperconverged infrastructure (HCI) as an "enabling technology for hybrid cloud, automation, edge, infrastructure agility and more." In terms of business impact, the report notes that "HCI enables on-premises IT to respond to new business requirements in a modular, small- increment and timely fashion" and "simplifies infrastructure operation, which is particularly valuable for enterprises with relatively weak IT capability or remote sites of large organizations that require operation efficiency." Sangfor Hyper-Converged Infrastructure (HCI) Sangfor HCI is a 3rd generation HCI solution and the first HCI product to incorporate security all in one appliance. By converging compute, storage, networking and security onto a simplified single software stack, customers receive ultimate reliability for business-critical applications with easy-to-use management functions. Sangfor HCI provides the foundation for many of our cloud solutions, including Sangfor Managed Cloud Services, Sangfor Hybrid Cloud, Sangfor Virtual Desktop Infrastructure (VDI), and Sangfor Disaster Recovery (DR). Sangfor Technologies has been named in the Gartner Magic Quadrant™ for Hyperconverged Infrastructure Software for 3 consecutive years since 2019.[2] It has also been recognized in Gartner Peer Insights™ ‘Voice of the Customer’: Hyperconverged Infrastructure Software report for three consecutive years.[3] Visit our HCI webpage to learn more about Sangfor HCI, including features and capabilities, advantages, use cases, and customer testimonials. Cloud Security in the Hype Cycle for ICT in China Business Benefit Rating: High Market Penetration: More than 50% of target audience Maturity: Adolescent (2-5 years till mainstream adoption) The report lists several factors that are driving the adoption of cloud security. However, obstacles mentioned include "large enterprises treat(ing) private cloud adoption as an extension of data center protection, with no desire to embrace cloud security" and the "lack of cloud security knowledge and skills lead(ing) organizations to prefer replicating traditional controls to the cloud, both in public and private." The report notes that "effective and manageable cloud security plays a vital role to help enterprises use the cloud securely and compliantly." Sources: [1] Gartner, Inc., Hype Cycle for ICT in China, 2022, Kevin Ji et al., Published 26 July 2022   [2] Gartner, Inc., Magic Quadrant for Hyperconverged Infrastructure Software 2021, Jeffrey Hewitt et al., Published 17 November 2021. This report was titled Magic Quadrant for Hyperconverged Infrastructure in 2019.  [3] Gartner, Inc., Gartner Peer Insights ‘Voice of the Customer’: Hyperconverged Infrastructure Software, Published on 28 April, 2022. This report was titled Gartner Peer Insights ‘Voice of the Customer’: Hyperconverged Infrastructure in 2020.  Disclaimer: GARTNER, MAGIC QUADRANT and HYPE CYCLE are registered trademarks and service marks, PEER INSIGHTS is a trademark and service mark, of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.  About Sangfor Technologies Sangfor Technologies is an APAC-based, leading global vendor specializing in Cyber Security, Cloud Computing, and IT Infrastructure. Founded in 2000 and publicly listed since 2018 (STOCK CODE: 300454.SZ), Sangfor employs 9,500 employees, operates 60 offices, and serves more than 100,000 customers worldwide, many of them Fortune Global 500 companies, governmental institutions, universities, and schools. Visit us at to learn more about Sangfor’s solutions and let Sangfor make Your Digital Transformation Simpler and Secure.   Contact Us for Business Inquiry

Get in Touch With Us

icon notification

Frequently Asked Question

You can install Endpoint Secure Protect on a system with another AV or EDR installed. During the installation, you will be asked if there is other anti-virus software installed. If you say “yes”, the installation will ask if you want to continue. If you choose to continue with the installation, the installation will continue in compatibility mode and the Protect agent will automatically disable real-time protection to not interfere with operation of the existing AV agent.

The Endpoint Secure management server includes the NGAF WAF module to prevent web-based attacks. Both the hardware and virtual versions of the management server are assessed by Sangfor’s BlueSecOps Team to determine if any risks or vulnerabilities exist. Security hardening is performed to minimize attack surfaces by closing all unnecessary ports and services.

Yes, you can choose when agent groups or individual agents are upgraded. This gives you flexibility and control to stagger or delay agent upgrades based on organizational needs.