Managed Security Service

Sniper MSS

Precise real-time managed security service for hacking and DDoS attacks

image of WINS Monitoring Center

Big Data Security Monitoring

This service provides integrated management of the collection, storage, search and analysis of various security log data. We operate real-time monitoring that detects malicious behavior based on context recognition, automatic correlation and analysis.

image of Big Data Security Monitoring

Basic Technology
  • Technology for storing and processing massive data (cloud-based Hadoop and MapReduce)
  • Consideration for infinite expandability
  • Support for high-speed processing (analyzing, searching, etc.)
Analysis Technology
  • Acts as the brain for analysis of various security logs and batch processing of mass storage
  • Operates enhanced security monitoring, such as analysis of statistics, process, and risk forecasting
Application / Expression Technology
  • Support for big data applications and services
  • Applies visualized expression technology following the data analysis process
  • Consideration for convenience of managing data




APT Security Monitoring

Based on analysis of session network traffic, we accurately detect and defend against APT attacks that attempt abnormal connections.
By analyzing network behavior, we define and block abnormal user behavior caused by APT attacks.

Item / Contents
APT Auto-analysis Service
  • Extract response information from the auto-analysis system
  • Analyze behavior, threat, and infection-cause information for detection events
  • Analyze response to unknown attacks (0-day)
  • Provide blocking information regarding malicious code behavior
  • Provide external C&C and infected site information
Specific Analyzing Service for Malicious Code
  • Detailed analysis service for customer-requested malicious code
  • Provide a detailed paper on malicious behavior & vulnerability
  • Help to set the malware blocking policy

image of APT Security Monitoring flow chart

Webshell Detecting Security Monitoring

Webshell Detecting Security Monitoring monitors every file in the web root directory in real time. At the file-system level, it analyzes incidents involving file creation, obfuscation, and removal. It identifies web shells by comparing patterns and perceiving file access.

Web Forgery Security Monitoring

Real-time monitoring of the customer's critical web pages for malicious code infection. Through dynamic analysis of files downloaded from the web page, including those containing malicious code, it identifies infected web pages.

Threat Management Security Monitoring

We analyze threat factors, provide immediate response, and minimize damage from the attack. Finally, we organize internal network management and take proper precautions.

image of MSS Monitoring

Sniper Security Monitoring

Drawing on various domestic operations, such as running the government SOC and the financial ISAC, we provide specialized real-time security monitoring services as a vendor well known as top-ranked in network security.

Integrated Managed Security Monitoring

We manage security monitoring systematically by integrating the management of various heterogeneous security devices. Our best CERT personnel improve your security standard by performing regular vulnerability assessments and penetration testing.



Service Summary

Fast attack response and efficient prevention of the spread of damage through a centralized response system.

image of Security Process
Process / Service / Contents
Process: Precaution
Secure Clinic Service
  • Automatic scanning by Qualys Guard Scanner (System, Network)
  • Using TCMS Web Scanner
Warning Service
  • WINS SecureCAST (Security forecasting service)
  • Vulnerability/malicious code database (US CERT, KrCERT, National Intelligence Service)
  • Global threat information and security trend
IPS/IDS, Anti-DDoS Monitoring Service
  • Customizing and updating IPS/IDS signatures
  • Customizing Anomaly, DoS/DDoS policy
  • Monitoring IPS/Anti-DDoS system resources and traffic
WAF Monitoring Service
  • Customizing signatures of the web application firewall
  • Managing and updating signatures of the web application firewall
  • Real-time incident analysis & check through the Web
Firewall Monitoring Service
  • Monitoring firewall system availability
  • Reviewing firewall policy
  • Firewall log
Server Monitoring Service
  • MDS (Detecting malicious code spreading sites)
  • Web Shell Guard (Integrity check for web shell & critical files)
Process: Monitoring / Detection
Monitoring Service
  • Health check for main systems
  • Web forgery detection and prevention using MDS, Web Shell Guard
  • Monitoring and detection of firewall, WAF, IPS/IDS/Anti-DDoS incidents
  • Monitoring using Sniper BD1 (Integrated event management system)
Process: Analysis
Firewall, WAF, IPS/IDS, Anti-DDoS Incident Detection Service
  • Analysis of correction profiling technique for critical service and high risk event by using Sniper BD1
  • Correlation analysis for suspicious events in Firewall, WAF, IPS/IDS and Anti-DDoS systems
  • Real-time analysis of web critical file forgery by using Web Shell Guard
Process: Response
Incident Response Service
  • Respond to real-time intrusion attacks and request preventive measures
  • Initial reaction to abnormal network or system
  • Real-time attack and threat analysis
Service Desk
  • Composition of security and management policy, history
  • Management of customer information
  • Professionals available 24 hours
  • Resident security specialists and operation support
Process: Report
Reporting
  • Monitoring work, vulnerability information
  • Intrusion response / analysis result report
  • Regular Monitoring Report (Monthly Sniper BD1 Report)