SPiDER SOAR

Provides highly useful automation functions optimized for security environments, based on playbooks verified through 20+ years of experience.

What is SPiDER SOAR?

Based on IGLOO Corporation’s security control know-how accumulated for more than 20 years and on artificial intelligence (AI) technology, this SOAR solution is designed to increase the efficiency of security work by automating the response process for security threats. It automatically executes simple and repetitive processes based on the 'Playbook', which combines the numerous elements of an attack-specific response (solutions, business procedures, threat information, etc.) into one process. It can substantially shorten the time from threat detection to response by automatically classifying response steps according to security threat priorities and responding according to standardized business procedures.

Advantages

  • 1
    Know-how

    Playbook reflecting over 20 years of security control know-how

    Playbook designed and developed based on IGLOO Corporation’s security control know-how accumulated for over 20 years (control process verified in various control sites such as private / public / financial sites)

    Continuous development and support of Playbook by an organization dedicated to security control research (Playbook based on more than 20 scenarios is provided when the product is purchased.)

  • 2
    SOC Optimization

    Optimized for domestic Security Operation Center work

    Automatic response based on playbook as well as manual response by the security officer (with Automatic & Manual Response function)

    In addition to security responses, it is possible to respond to system failures through alarm interlocking

  • 3
    Automation

    Auto-blocking through IGLOO Alliance linkage

    Operating the IGLOO Alliance agreement model

    Interworking and automatic blocking with the largest security solutions in Korea

    Interworking with various products (e.g., F/W, IPS, and NAC) for auto-blocking (Continuous expansion of interworking with security solutions used for building the largest number of sites in Korea, such as SECUI (firewall) and WINS (IPS))

  • 4
    Response Efficiency

    Enhanced response efficiency through AI and TI interworking

    Threat intelligence information provision and linkage by interworking with IGLOO CTI, the only continuous service in Korea (In connection with more than 120 customers)

    Enhanced automatic response efficiency by linking with the analysis results of the machine learning-based security control system (Linked to ML-based control solutions such as SPiDER TM AI Edition)

Main Features

Orchestration

Improves the response efficiency of the security control center through interworking with heterogeneous security solutions

  • 1

    Implementing Security Control Orchestration through interworking with heterogeneous security solutions

  • 2

    Implementing Playbook-based Orchestration & Automation based on 20 years of control know-how

  • 3

    Implementing Intelligent Automation Response and Threat Intelligence Feed through linking with SIEM, ML-based security control system, threat intelligence, asset information & vulnerabilities

  • 4

    Interworking with the largest security solutions in Korea and automatic blocking through the IGLOO Alliance

Automation & Response

Establishes playbook-based systematic security response and security threat management process

  • 5

    Improving the efficiency of the security control center’s response process through automatic real-time alert response (Automation & Response)

  • 6

    Manual Real-Time Alert Response based on the phased process to improve the efficiency of simple and repetitive labor-intensive work processes

  • 7

    Playbook optimized for security control center, with over 20 years of know-how accumulated in customer security analysis and control service

  • 8

    Automatic/manual security control response and visualization of threat-oriented response process, based on the security control process

System Structure

Implementing the Automated SOAR-based Security Control System by linking SIEM, machine learning-based security control system, vulnerability information, and threat intelligence

Effects of Adoption

This solution can efficiently select and respond to each alarm event by sharing threat information, interworking among various information protection products, and automating simple and repetitive tasks that were handled manually. In addition, it can raise the level of threat assessment and response by establishing a standardized response system based on Playbook.

  • Traditional Security Control

    Long overall response time

    Irregular response quality

    Lack of process visibility

    Most workers handle simple, repetitive tasks

  • SPiDER SOAR-based Security Control

    Reduces response time and makes faster decisions

    Raises the level of response quality

    Gains process visibility

    Assigns experts to analysis work requiring human judgment

    Supports manual & automatic real-time control response

    MTTR, MTTD, and ROI Indicators