Seculayer Completes the 'AI-Based Adaptive Security System Phase 3 Construction Project' for the National Information Resources Management Institute

Seculayer (CEO Jeon Joo-ho) announced that it successfully completed the 'AI-Based Adaptive Security System Construction Project' for the National Information Resources Management Institute (NIRS) as the lead contractor in February 2021.

The National Information Resources Management Institute (NIRS), under the Ministry of the Interior and Safety, oversees the stable operation of information systems for central administrative agencies, local governments, and public institutions, as well as the efficient integration, construction management, protection, and security. The AI-based adaptive security system project has been promoted over three years since 2018. The first phase was completed in 2018, followed by the second phase in 2019, and Seculayer, which participated as a partner in the first and second phases, was selected as the lead contractor for the final phase, the third construction, in 2020.

The 'AI-Based Adaptive Security System Phase 3 Construction Project' aimed to enhance the AI platform, adaptive security management system, AI service model, and open API linkage system targeting various public service infrastructures, including e-government services. The project commenced in June 2020 and was completed as planned by February 2021.

A notable feature of this project is the application of various AI models centered around Seculayer's own SOAR solution, eyeCloudXOAR, which established an automated identification of security events, threat detection, threat analysis, and response systems.

Through the AI service model of the AI platform, security data and events generated from security systems and SIEM are analyzed and detected by AI for classification of normal and abnormal behaviors. The SOAR-based playbook automatically classifies and analyzes these, while tasks requiring human judgment are automatically assigned to the responsible personnel, significantly improving the efficiency of monitoring and response operations.

In particular, by integrating with firewalls, IPS, and WAF devices from leading domestic security vendors such as AhnLab, SecuI, and PyoLink, the system automatically performs response tasks such as threat blocking. Additionally, by linking with various external threat intelligence sources like IBM, SOMANSA, SK Infosec, and East Security, it not only implements in-depth analysis of security threats but also achieves 'automation by the system' across detection, analysis, and response tasks, while establishing a proactive response system capable of pre-blocking and pre-responding to new external threats.

CEO Jeon Joo-ho of Seculayer stated, “Recently, there has been significant interest in Security Orchestration Automation and Response (SOAR) solutions in Korea, but the reality is that practical implementation and automation of tasks are progressing at a slower pace compared to the international security market.” He added, “We have realized and received recognition for the full-scale SOAR system construction at the National Information Resources Management Institute (NIRS). Using this as a stepping stone, we will continue to supply our Korean-style SOAR, eyeCloudXOAR, to various government agencies and large corporations to promote automation and efficiency in monitoring operations.”

As Seculayer's own SIEM solution, eyeCloudSIM, is currently being operated in numerous public institutions and large corporations in Korea, attention is also drawn to the trends in demand and supply for SOAR solutions that realize automation in security monitoring in the future.