
With digital transformation progressing and system logs from 45 domestic and international offices to be collected going forward, the license for the existing integrated log system became insufficient for the growing data volume. Additionally, the existing security framework managed each system's logs separately, resulting in slow threat response times and a lack of real-time analysis and automated response capabilities.
We implemented SecuLayer's eyeCloudXOAR v4.0-SIEM, eyeCloudXOAR v4.0-SOAR, and eyeCloudAI v3.0. By utilizing SIEM, we integrated the management of security events occurring in global networks and information systems, and applied SOAR to establish an automated response system. Furthermore, we introduced AI-based threat analysis capabilities to detect unknown security threats with greater precision.
Through the establishment of an integrated security monitoring system based on SIEM, SOAR, and AI, we significantly enhanced our capabilities for detecting and responding to security threats. The automated response system enabled automatic blocking and policy setting for SecuAI and AhnLab devices, thereby strengthening security.