IGLOO SECURITY, INC. takes AI security monitoring efficiency to the next level by obtaining two patents related to security monitoring

– It is planned to be applied to SPiDER TM AI Edition, the first AI security monitoring solution in Korea 

[April 28, 2020] Igloo Security Co., Ltd. (CEO Lee Deuk-Choon, www.igloosec.co.kr/en) has completed patent registration to increase the accuracy and reliability of security monitoring policies.

1. 'Automatic application system and method of security device control policy based on an infringement incident response instruction (Registration No. 10-2090757)‘.

2. 'Security monitoring system and method using block chain technology (registration number 10-2098803)' that guarantees the integrity of log data collected, stored, and processed by security device using blockchain technology.

Various control policies are applied to security device used for security monitoring to effectively detect and block security threats targeting IT assets. In order to quickly respond to serious infringement, it is necessary to add and update various control policies such as signature patterns and Snort Rules from time to time based on accurate analysis to keep it up to date. However, it is true that there are difficulties in effective control policy management because the number of security devices to be managed is increasing and the personnel who perform policy analysis and setting tasks are separated.

Also, in the process of storing and processing logs collected from various security devices, a powerful management function that ensures that these logs have not been tampered with was also required. In general, a method of collecting a log through encrypted communication such as TLS (transport layer security) and generating and managing a hash value for the collected log is applied. However, since encryption and hash generation are performed through an encryption key arbitrarily injected by a security monitoring service provider, it is difficult for the security monitoring service user to trust 100% of the integrity of the log.

The patent for 'Automatic application system and method of security device control policy based on an infringement incident response instruction‘ is a technology that creates a reliable control policy based on an infringement incident response instruction created during the infringement response process, and automatically applies this policy to security device. Unlike the existing technology, which was applied after validating only the security policy entered based on discretionary judgment, this patent is designed to automatically apply the control policy reflecting the infringement incident response instruction.

The patent for 'Security monitoring system and method using block chain technology' creates the block data using log files collected by the log collection unit and distributes it in the blockchain network to store the integrity of the log data collected by the security monitoring server. By accurately verifying the integrity violation by the security monitoring service provider or the cyber attacker, the reliability of the log, which is the basic data for analyzing the signs of cyber attack and the incident, has been increased.

Igloo Security plans to apply two patented technologies to the SPiDER TM AI Edition, an AI security monitoring solution. By automatically reflecting the control policy based on the infringement incident response instruction, it is expected to shorten the response time for infringement incidents that can have a significant impact on the IT system in the organization and increase security control efficiency. In addition, through the verification of log data integrity using blockchain technology, it is expected that it will be possible to eliminate the possibility of erroneous analysis results based on forged and forged logs.

“Igloo Security is a leading AI security monitoring company, leading the research and development of technologies that can improve the effectiveness of security monitoring. It is expected that the two patent technologies acquired this time will enhance the ability to respond to advanced cyber infringement attempts. ”​