
QTIE

QTIE is the first XDR solution in Korea to integrate SIEM, SOAR, NDR, TI, and AI features in one package, providing an intelligent cyber threat detection and automated response system.

QTIE can analyze threats precisely and accurately and minimize MTTD (mean time to detection) and MTTR (mean time to threat response) through differentiated multi-correlation analysis, an AI-based threat analysis engine, a packet-based threat detection engine (Threat Detector), and TI management capabilities that link key TI sources such as KISA C-TAS, FCTI, and Emerging Threat. QTIE has built intelligent automated threat response systems for financial institutions that provide mission-critical services, following deployments at major universities, enterprises, and the public sector in Korea. It provides the foundation for establishing and managing an up-to-date security response system 365 days a year, with more than 500 vendor-recommended playbooks that detect threats precisely and accurately, and with continuous free updates.

Main Functions

Integrated XDR solution for intelligent threat detection and automated response

Threat Response SOAR

Security Orchestration & Automated Response

  • Integrates with 3rd party security solutions (API/CLI)
  • Integrated analysis with security solutions (VirusTotal, APT, etc.)
  • Automatically blocks and unblocks threats through integrated security solutions
  • Manual, permission-based threat response

Threat Detection NDR

Network Detection & Response

  • More than 100,000 signatures
  • More than 1,000,000 pieces of Threat Intelligence (TI) information
  • Logging for major applications such as HTTP, DNS, DB, etc.
  • File Extraction & Communication Packet Storage Function

Integrated log management LMS

Integrated log management

  • Agent/Agentless-based Server Logs (+command) Collection Function
  • Big Data-based search engine (Cluster support)
  • Flexible search and statistical analysis with QPL*
  • Search performance of more than 100 billion events per second

Threat Analysis SIEM+TI+AI

Threat Detection and Analysis Capabilities

  • Multi-correlation engine
  • 3rd Party Security Solution Linkage/Integration-Based Analysis
  • AI-based Anomaly Detection Engine
  • TI Linkage/Integration

Integrated SIEM/SOAR/NDR Threat Detection, Response Automation, XDR Solution

Features

QTIE is Korea's first next-generation XDR solution integrating SIEM, SOAR, and NDR. It supports a world-class level of analytical processing performance, and its functionality and stability have been proven through successful projects at a number of public, financial, and enterprise clients.

CC, GS certified solution

QTIE has obtained CC certification and GS certification. Its capabilities, such as log- and packet-based analysis and the integration of 3rd party security solutions and TI information, are essential to building a more precise and accurate threat detection and analysis system.

Establishment of automated response system

QTIE has a track record of building unmanned automated response systems at a number of public, corporate, and university sites in Korea, and has patented technologies to achieve over 99.9999999% availability without service interruption due to false positives.

Multiple Correlation Techniques

QTIE leverages patented technology to perform multi-correlation and integrated analysis, which enables precise and accurate threat analysis.

AI-powered threat detection

QTIE is built with the AI-powered Anomaly Detector adapted by OpenSearch of Amazon, a global Big Tech company, and provides the ability to detect anomalous communications and behaviors.

Integration of domestic and foreign IOC information, TI platform

QTIE collects IOC (Indicator of Compromise) information from various security agencies and companies such as KISA C-TAS, Financial Security Institute FCTI, ABUSE.CH, EmergingThreat, Cisco, and Kaspersky, and links it with its own analysis or with 3rd party security solutions.

Implementation Cases

QTIE can accurately identify and block threats through a patented multi-correlation analysis engine for threat detection and response, together with sophisticated analysis technology using NDR, TI, and AI. It has established automated response systems at many sites in the public, financial, university, and industry sectors. We have actively responded to security threats through an automated threat response system and improved the efficiency of IT security operation management to achieve customer satisfaction.

Public Institutions

The security center of Institution A has installed a DDoS response system and QTIE to protect approximately 280 corporate homepages. QTIE detects threats such as Web Abusing and Web Macro attacks, which are difficult for DDoS detection and blocking solutions to detect, and performs automated responses (ordering the DDoS equipment to block malicious IPs) for an average of more than 2,600 threats per day.

#Strengthened response to DDoS attacks
#Improved anomaly blocking rate by more than 20%
#Search and statistical analysis more than 100 times faster

Financial Sector

Following the security control service from higher-level institutions, this institution operates an on-site security control center. It introduced QTIE to enhance its security control response system and is maximizing the number of daily analyses and responses by integrating playbook-based automated security control with human-centric analysis control services.

#Increased number of security control responses
#Automated analytics control
#Securing the capacity to upgrade security policies

Educational Institutions

Because this institution operated without a security control service, its security personnel had to respond to every security threat that occurred. By establishing an automated threat response system using QTIE, it can now actively block and respond to various threats that it was previously unable to respond to, and the convenience of security operations has greatly improved.

#Operates without in-house security control manpower
#Automatically blocks an average of 8,000 threats per day
#Detects and blocks threats that traditional solutions couldn't detect

Industry Enterprises

To automate detection of and response to internal and external threats, this enterprise built a system utilizing all of the SIEM, SOAR, TI, and AI functions. For external threats it linked firewalls and IPS, and for internal host security it linked EDR, automatically blocking an average of 30,000 external threats per month.

#Automated internal and external threat detection
#Automated response to an average of 30,000 threats per month
#Data Leak Detection
#Minimize operational manpower
