Provides highly useful automation functions optimized for security environments based on playbooks verified by 20+ years valuable experiences.

What is SPiDER SOAR?

Based on IGLOO Corporation’s security monitoring know-how accumulated for more than 20 years and artificial intelligence(AI) technology, this SOAR solution is designed to increase the efficiency of security work by automating the response process for security threats. It automatically executes a simple and repetitive process based on the 'Playbook', which combines numerous elements (solutions, business procedures, threat information, etc.) for attack-specific response into one process. It can substantially shorten the process from threat detection to response by automatically classifying response steps according to security threat priorities and responding according to standardized business procedures.


  • 1

    Playbook reflecting over 20 years of security monitoring know-how

    Playbook designed and developed, based on IGLOO Corporation’s security monitoring know-how accumulated for over 20 years (monitoring process verified in various monitoring sites such as private / public / financial sites)

    Continuous development and support of Playbook by an organization dedicated to security monitoring research (Playbook based on more than 20 scenarios is provided when the product is purchased. )

  • 2
    SOC Optimization

    Optimized for domestic Security Operation Center​ work

    Automatic response based on playbook as well as manual response by the security officer (with Automatic & Manual Response function )

    In addition to security responses, it is possible to respond to system failures through alarm interlocking

  • 3

    Auto-blocking through IGLOO Alliance linkage

    Operating the IGLOO alliance agreement model

    Interworking and automatic blocking with the largest security solutions in Korea

    Interworking with various products (e.g., F/W, IPS, and NAC, etc.) for auto-blocking (Continuous expansion of interworking with security solutions used for building the largest number of sites in Korea, such as SECUI(firewall) and WINS(IPS))

  • 4
    Response Efficiency​

    Enhanced response efficiency through AI and TI interworking​

    Threat intelligence information provision and linkage by interworking with IGLOO CTI, the only continuous service in Korea​ (In connection with more than ​120 customers )

    Enhanced automatic response efficiency by linking with the analysis results of the machine learning-based security monitoring system​ (Linked to ML-based monitoring ​solutions such as SPiDER TM AI Edition)

Main Features


Improves the response efficiency of the security monitoring center through interworking with heterogeneous security solutions

  • 1

    Implementing Security Monitoring Orchestration Through interworking with heterogeneous security solutions

  • 2

    Based on 20 years of monitoring know-how Implementing Playbook-based Orchestration & Automation

  • 3

    Implementing Intelligent Automation Response and Threat Intelligence Feed Through linking with SIEM, ML-based security monitoring system, threat intelligence, asset information & vulnerabilities

  • 4

    Interworking with the largest security solution in Korea and automatic blocking Through the IGLOO Alliance

Automation & Response

Establishes playbook-based systematic security response and security threat management process

  • 5

    Improving the efficiency of the security monitoring center’s response process Through automatic real-time alert response (Automation & Response )

  • 6

    Real-time Alert manual process Based on the phased process to improve the efficiency of simple and repetitive labor-intensive work processes

  • 7

    Playbook optimized for security monitoring center With over 20 years of know-how accumulated in customer security analysis and monitoring service

  • 8

    Automatic ∙ manual security monitoring response and visualization of threat-oriented response process Based on the security monitoring process

System Structure

Automated SOAR-based Security Monitoring System Implementation, linking SIEM, Machine Learning-based security monitoring system, Vulnerability information, and Threat Intelligence.

Introduction Effect

This solution can efficiently select and respond to each alarm event by sharing threat information, interworking among various information protection products, and automating simple and repetitive tasks manually handled. In addition, it can level up threat assessment and response by establishing a standardized response system based on Playbook.

  • Traditional Security Monitoring

    All Long​ time response

    Irregular response quality

    Lack of process visibility

    Most of the workers handling simple repetitive tasks

  • SPiDER SOAR-based Security Monitoring

    Reduces response time and makes faster decisions

    Raises the level of response quality

    Gains process visibility

    Assigning experts to analysis work requiring human judgment

    Possible to support manual & automatic real-time monitoring response

    MTTR, MTTD, and ROI Indicators