
A system was needed that could detect and analyze various forms of technology leakage risk from multiple angles, but the existing security systems were isolated from one another, making integrated data management difficult.
By implementing SIEM, SOAR, and UEBA solutions, we ran correlation analysis on the collected logs and personnel information. We prepared thoroughly against internal information leakage by implementing user-based search and statistics, as well as scenario-based detection features.
We visualized the event history for each user, and when an information leakage threat occurred, a significant portion was processed automatically according to a standardized response process, greatly improving work efficiency.