SOAR

The standard of K-SOAR — Korea's #1 market share

Korea's first in-house security automation system, launched in 2018. It automates the entire security process from threat detection to response, integrates with diverse security solutions for unified monitoring, and maximizes operational efficiency with intuitive playbooks.

What is SOAR?

SOAR (Security Orchestration, Automation, and Response) is a platform that integrates and orchestrates various security solutions, automating threat response procedures to maximize operational efficiency.

Gartner first mentioned the early form of SOAR in its 2015 SIEM report and clearly defined the concept in 2017.
SOAR was introduced to address the problems enterprise security teams face: alert overload and alert fatigue, manual operation of each individual solution, and non-standardized response procedures.
SOAR provides three key functions: Orchestration, Automation, and Response.
These three functions are not independent; they combine into a single workflow that makes up the entire response process.

Core Objectives of SOAR

Security Orchestration

  • Manages and coordinates various security solutions as a single solution. Different security solutions (e.g., SIEM, EDR, Firewall) are integrated into a unified workflow.

Automation

  • Automates tasks through pre-built 'Playbooks'. For example, when a malicious IP is found, blocking, file hash lookup, and account lockdown are executed in sequence, reducing analyst workload and increasing response speed.

Response

  • Performs automatic or semi-automatic immediate responses such as threat blocking, IP blocking, and user account isolation. Manages each attack and response as 'Cases' with collaboration and reporting features.

Automation (Incident Response)

Identify and automate routine tasks for continuous automated processing

Convert the routines and characteristics of known security threats into data to automate incident response

Accuracy (Service)

Support security personnel to handle tasks easily, quickly, and accurately

Process large volumes of security work easily, quickly, and accurately when identifying and analyzing security threats

Proactive (Incident Analysis)

Proactive expansion of incident response using identification information within the system

Expand security threat analysis through automation to identify various new threats and broaden incident analysis and response coverage

Virtuous Cycle (Spread Prevention)

Continuous sharing of new threats through threat information (TI) extraction process

Sustainable incident response through automated processing of diverse and massive attacks on behalf of personnel

User-defined Playbook Configuration & Security Device Integration Components

  • GUI-based user-defined playbook configuration and management features
  • Integrated development environment (IDE) for user-created playbook components

User-defined Ontology Management of Threat Event Information

  • Ontology-Node Management: Management of key Features (threat indicators) for Tickets
  • Utilized as linkage/analysis/statistical indicator information during visualization and playbook execution

Automated Application of Global Standard Threat Classification

  • Automatic collection and management of MITRE ATT&CK Matrix information
  • MITRE ATT&CK Navigator Monitoring: maps detected events to Attack IDs for simulation and defense suggestions

Largest Number of Policy-Linked Security Devices in Korea

  • Integration completed with various domestic and international firewalls, IPS/IDS, WAF and other security devices
  • Automatic policy deployment to each device through eyeCloudXOAR playbooks

Enhanced Security through Diverse CTI Integration

  • Integration with various domestic and international Cyber Threat Intelligence (CTI) for safer response
  • Automated CTI scanning and analysis processes dramatically reducing personnel workload

More Accurate Analysis of Countless Events through Easy AI Use

  • On-Device AI requiring no separate training (additional option, updates provided separately)
  • Complex analysis and response processes through various component combinations
  • XAI for transparent understanding of AI decision-making processes

Threat Response Process Standardization & Automation (Playbook)

  • Standardize threat analysis/response tasks into playbooks by threat type or corporate policy for automated processing
  • Configure policy-specific components for each device to perform automated actions
  • Easily create and manage Playbooks by dragging and dropping components

Threat Situation Visualization

  • Ontology Analysis for correlating multiple events
  • Visualize each entity for rapid understanding of how threats progressed
  • Intuitively track response process progress for improved work efficiency

AI-driven False/True Positive Analysis & Anomaly Detection

  • True/false positive analysis by AI models, threat type classification, automatic response by playbook
  • View Cyber Kill Chain status, KISA threat analysis types, and ATT&CK analysis on a single screen

3D Network Map for Connected Asset Visualization

  • Visualize connected assets as Network Topology for easier threat analysis
  • Display cyber threat flow status and traffic statistics
  • Generate Network Topology through Nmap scanning and TraceRoute technology

Contact Us

Business protected by AI and data. Experience the optimal solution that stands firm against evolving threats. Please provide the necessary information for smooth product consultation. SecuLayer's dedicated specialist will contact you promptly.