Provides highly useful automation functions optimized for security environments, based on playbooks verified by 20+ years of valuable experience.
What is SPiDER SOAR?
Based on IGLOO Corporation’s security monitoring know-how accumulated for more than 20 years and artificial intelligence (AI) technology, this SOAR solution is designed to increase the efficiency of security work by automating the response process for security threats. It automatically executes simple and repetitive processes based on the 'Playbook', which combines the numerous elements of an attack-specific response (solutions, business procedures, threat information, etc.) into one process. It can substantially shorten the time from threat detection to response by automatically classifying response steps according to security threat priorities and responding according to standardized business procedures.
Playbook reflecting over 20 years of security monitoring know-how
Playbook designed and developed based on IGLOO Corporation’s security monitoring know-how accumulated for over 20 years (monitoring process verified at various monitoring sites such as private, public, and financial sites)
Continuous development and support of Playbook by an organization dedicated to security monitoring research (Playbook based on more than 20 scenarios is provided when the product is purchased.)
Optimized for domestic Security Operation Center work
Automatic response based on playbook as well as manual response by the security officer (with Automatic & Manual Response function)
In addition to security responses, it can respond to system failures through alarm interlocking
Auto-blocking through IGLOO Alliance linkage
Operating the IGLOO alliance agreement model
Interworking and automatic blocking with the largest security solutions in Korea
Interworking with various products (e.g., F/W, IPS, and NAC) for auto-blocking (continuous expansion of interworking with the security solutions deployed at the largest number of sites in Korea, such as SECUI (firewall) and WINS (IPS))
Enhanced response efficiency through AI and TI interworking
Threat intelligence information provision and linkage by interworking with IGLOO CTI, the only continuous service in Korea (In connection with more than 120 customers)
Enhanced automatic response efficiency by linking with the analysis results of the machine learning-based security monitoring system (Linked to ML-based monitoring solutions such as SPiDER TM AI Edition)
Improves the response efficiency of the security monitoring center through interworking with heterogeneous security solutions
Implementing security monitoring orchestration through interworking with heterogeneous security solutions
Implementing playbook-based orchestration & automation based on 20 years of monitoring know-how
Implementing intelligent automation response and threat intelligence feed through linking with SIEM, ML-based security monitoring system, threat intelligence, asset information & vulnerabilities
Interworking with the largest security solution in Korea and automatic blocking through the IGLOO Alliance
Automation & Response
Establishes playbook-based systematic security response and security threat management process
Improving the efficiency of the security monitoring center’s response process through automatic real-time alert response (Automation & Response)
Real-time alert manual process based on the phased process to improve the efficiency of simple and repetitive labor-intensive work processes
Playbook optimized for the security monitoring center, with over 20 years of know-how accumulated in customer security analysis and monitoring service
Automatic and manual security monitoring response and visualization of the threat-oriented response process based on the security monitoring process
Automated SOAR-based Security Monitoring System Implementation, linking SIEM, Machine Learning-based security monitoring system, Vulnerability information, and Threat Intelligence.
This solution can efficiently select and respond to each alarm event by sharing threat information, interworking among various information protection products, and automating simple and repetitive tasks that were handled manually. In addition, it can raise the level of threat assessment and response by establishing a standardized response system based on Playbook.
Traditional Security Monitoring
All Long time response
Irregular response quality
Lack of process visibility
Most workers handle simple, repetitive tasks
SPiDER SOAR-based Security Monitoring
Reduces response time and makes faster decisions
Raises the level of response quality
Gains process visibility
Assigns experts to analysis work requiring human judgment
Supports manual & automatic real-time monitoring response
MTTR, MTTD, and ROI Indicators