SIEM
Integrated Security Control System
This solution collects raw logs from various heterogeneous devices and provides a unified security control environment that covers initial detection, analysis, and response to threat situations.
Key Features
Search logs and information
- SPiDER TM defines detailed fields for the raw data it collects so that policies can be specified against them.
- Policies defined on the raw data collected by SPiDER TM enable advanced security monitoring.
Dashboard
- SPiDER TM provides a unified dashboard that shows users their overall security status, incidents, and analysis status.
- A custom dashboard feature with separate editing tools lets users include the content they want.
Web-based user interface
- Web-based management console
- Easy system access via the web UI
- Provides a separate C/S program for easy viewing of real-time logs
Product Features
Network security system linkage
- Collects logs generated by network security systems such as firewalls, IDS (intrusion detection system), IPS (intrusion prevention system), Anti-DDoS, Anti-APT, WAF (web application firewall), Anti-Spam, and Network DLP, and analyzes them for external intrusions and attacks and for internal information leaks.
WEB/WAS server linkage
- When a web vulnerability attack occurs, the solution verifies the validity of the attack detection equipment and whether the attack succeeded or failed. For WAS servers, it checks for abnormal access to the application and for attacks that bypass the detection equipment, and manages the evidence.
- Linkage is agent-based, and the agent includes a web shell detection function that provides self-defense against web shell attacks.
Endpoint security system and major server linkage
- Integrates with anti-virus, anti-exploit, server security, DB security, server access control, NAC (network access control), PMS (patch management system), internal information leak prevention, etc. to prevent compromise of internal assets and to analyze internal information leaks, unauthorized access, etc.
- For major server linkage, the agent performs availability-related control tasks, such as monitoring system resources, in addition to preventing unauthorized access attempts.
