
A system capable of multi-faceted detection and analysis of various forms of technology leakage risk was needed, but the existing security systems were siloed, which made integrated data management difficult.
By implementing SIEM, SOAR, and UEBA solutions, we performed correlation analysis of the collected logs and personnel information. We thoroughly prepared for internal information leakage by implementing user-based search and statistics, as well as scenario-based detection capabilities.
We visualized the event history for each user, and when a threat of information leakage occurred, a significant portion of it was processed automatically according to a standardized response process, greatly enhancing work efficiency.