SecuLogic Hompage

Security Solutions No.1

Application Layer Logical
Intrusion Detection & Prevention System

SecuLogic is a logical security solution improving on the problems in the existing security systems
It is a Web-traffic security system that can act against the various intelligent cyberattacks
by application layer logical detection of intrusions and blocking

Learn more

Security Industry Worry

Concerns in the Security Industry

SSL Encrypted Traffic Problem

- Utilization of the SSL encrypted traffic as attack routes
- As SSL encrypted traffic inspection is not possible, only IP blocking is possible

User Terminal Identification

- limitations in user terminal identification by IP

Storing and Utilization of Collected Data

- behavioral detection and defense not possible
- statistical detection, protection and machine learning utilization is not possible

Difficulty in blocking against logical cyberattacks

Application Layer Logical Intrusion Detection & Prevention System

Logical Security Solution Improving on the Problems in the Existing Security System

Complete Collection and Inspection of Web traffic without overloading

Accurate User IdentificationTechnology

Complete Storage of collected data and big data

User behavior and Statistical based Identification and blocking

Detection of abnormal DB Access and blocking

Automatic blocking by accurate detection

Responding against diverse intelligent cyber attacks possible

Differences from existing security schemes

Conventionally, existing security systems were physical security dependent on network packets which had limitations in detecting the diversified attackers due to problems in user identification, data collection, and statistical detection. SecuLogic does not depend on the network packets and solves the problems in the existing security systems by collecting, detecting, and blocking within WAS memory.

Main Function

Next generation Web traffic security solution that provides logical detection of intrusion and auto blocking function

Accuracy in User Identification

- Client IP
- User ID
- Application Session ID
- Invariable Session ID

Complete Collection of Transactions without Load

- Collection of Transaction Information already decrypted in WAS memory
- Collection of all HTTP Request Header values
  HTTP Header, Attribute
  Query String, Cookie

- DML Data
   SQL Executions, Insert, Update

AI Based Detection

- Create AI policy with Supervised Learning
  Learning through normal and abnormal patterns

- Evaluation and automatic blocking through application of AI policy
   Score calculation for evaluation results
   Score reference detection
   User identification based blocking

Accuracy in Detection Policy

- HTTP Header based Detection
- User Behavioral Detection
- User-specific Statistical Detection
- DML based Detection

Variety of Blocking Methods

- HTTP Header based Blocking
- User IP based Blocking
- Application Session ID Blocking
- User Session ID Blocking

Service-oriented Policy Management

- Application of Service/Domain based Policy
- Effective in Cloud System
- Ideal in Large Size Data Centers

Lightweight Detection

- Based on Lightweight HTTP Header.
  Accurate Identification of only
  the detection items

- User Identification and Statistic based
  Identification in SecuLogic Server
  No influence on service

Auto-block

- Auto-block by Accurate Detection
Auto-block possible by accurate Detection

- Auto-block by setting blocking time
Set block time by blocking criterion

Analysis of Big Data

- Management of Detection and Blocking History
- Analysis of Changes by Domain/Service
- Analysis of Dispersion in Transactions
- Utilization of Elasticsearch Kibana

Architecture of Seculogic

3-Tire Architecture( Console-Collection Server-Agent), Data is Saved in Big Data(Elasticsearch)System

Benefit of Seculogic

Technical Progress which was difficult in existing products

Secure Web Traffic Visibility
- Web traffic information collection from non-encrypted sections
- 100% complete collection of Web traffic information
- Collection not affected by Web service

Detection and Auto blocking
- 100% Auto blocking based on accurate detection
- Manual analysis for blocking after detection not necessary
- Automatic management of detection and blocking status history

Accurate User Identification
- Accurate user identification about web traffic has become possible
- Various methods in user identification
- IP, AP session, User session, User ID

Statistical and Behavioral Detection
- Statistical detection by user
- User behavioral detection
- Abnormal behavior detection

Securing response system against web traffic intelligent cyberattack

Solution

The optimum security solution in large-scale data center and cloud environment

Product Comparison

Comparison Chart with Existing Products

Classification	Detailed Function	SIEM	NG WAF	SecuLogic	Other
Product Definition	Definition	Big data-based security control system	Next Generation Web Firewall	Software Web Firewall + Big Data Based Web Traffic Security
Data Collection	Data Collection Method Data Collection Type Data Classification Collection of Encrypted Data(SSL) Data Collection Overload User Identification	Log Log and Event Information Unstructured Data Need to work with SSL visibility solution Almost None Identification Not Possible	Network Packet Web Traffic Structured Data Collection after Decryption Frequent Identification Not Possible	WAS memory Web Traffic Structured Data Collection on non-encrypted segments Almost None Identification Possible	Not Possible:Only IP
Detection	Overloading at Detection AI Based Detection IP Modulation Attack Detection User ID tamper detection Statistical based detection User-specific statistical detection User behavior based detection Detection of excessive call users Detection of Web Traffic DDos attack DB Access based Detection APT Attack Detection Session or Account hijacking Web Shell Detection Macro Call Detection	Almost None Possible Not Possible Not Possible Partially Possible Not Possible Not Possible Not Possible Not Possible Not Possible Partially Possible Partially Possible Partially Possible Partially Possible	Frequent Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Not Possible Possible Not Possible	Almost None Possible Possible Possible Possible Possible Possible Possible Possible Possible Possible Possible Possible Possible	Partially Possible Partially Possible Partially Possible
Blocking	Auto-block in case of Detection Session ID based Blocking User ID based Blocking DB Access based Blocking	Partially Possible Not Possible Not Possible Not Possible	Possible Not Possible Not Possible Not Possible	Possible Possible Possible Possible
Transaction Analysis	Long-Term Transaction Analysis User identification based Analysis	Possible Not Possible	Not Possible Not Possible	Possible Possible

Contact Us

Got a question? We’d love to hear from you. Send us an e-mail and we’ll respond as soon as possible.

Address
Gold Tower 318ho, Mannyeon-dong, 66, Dunsan-daero 117beon-gil
Seo-gu, Daejeon, Republic of Korea(35203)
Email
support@elevisor.com
Number Info
T.+82-42-485-8582
F.+82-42-485-8583
Link
- Elevisor HompageElevisor Hompage