In the future, as digital transformation progresses and system log collection from 45 domestic and international offices increases, the existing integrated log system's licenses became insufficient due to the data growth. Additionally, the existing security framework managed logs individually from each system, resulting in slow threat response times and a lack of real-time analysis and automated response capabilities.
We implemented SecuLayer's eyeCloudXOAR v4.0-SIEM, eyeCloudXOAR v4.0-SOAR, and eyeCloudAI v3.0. By utilizing SIEM, we integrated the management of security events occurring in global networks and information systems, and applied SOAR to establish an automated response system. Furthermore, we introduced AI-based threat analysis capabilities to improve the precision of detecting unknown security threats.
Through the establishment of an integrated security monitoring system based on SIEM, SOAR, and AI, we significantly enhanced our capabilities for detecting and responding to security threats. The automated response system enabled automatic blocking and policy setting for SecuAI and AhnLab devices, thereby strengthening security.