With the existing security operation methods, each solution was operated individually, resulting in dispersed log collection and analysis, and there were limitations in real-time threat detection and rapid response.
We established an integrated security monitoring system based on SIEM. To collect and analyze financial sector-specific threat information in real-time, we strengthened the linkage with FCTI (Financial Cyber Threat Intelligence) and expanded and advanced the analysis scope through EDR/NDR log collection.
By introducing a next-generation monitoring system that overcomes the limitations of the existing ESM, we built a security monitoring system tailored to the financial sector. Through the integration of FCTI and EDR/NDR, we can comprehensively analyze threat elements within the financial system and respond proactively. This has laid the foundation for enhancing the reliability and efficiency of security operations.