CodeOne

Name: CodeOne Sentinelle
Brand: code one
Availability: InStock

Sentinelle

Sentinelle (Security Operations Hyper-Automation Solution)

Codeone Co., Ltd.'s AI security control automation solution, Sentinelle, automatically processes security events in conjunction with SIEM solutions, suggests the best analysis plan, and detects hidden threats by inspecting simple logs. In addition, you can see the entire security situation at a glance and detect and analyze related threats to minimize cyber attack damage through quick response.

Sentinellef Features

•

Integrates with operating SIEM: Integrates with existing SIEM solutions such as Splunk, QRadar, and Sumologic

•

Automatic processing/analysis of security events: Specified security events are automatically processed from occurrence to analysis and termination.

•

Present security event processing method: All personnel respond to a certain level, increasing control capabilities

•

Scan simple logs for security threats: Even simple logs that are not judged to be attacks are checked for threats through AI inspection.

•

Check real-time attack status: Analysis and management through timeline information from attack creation to termination

•

Provides various expandability: Provides various scalability such as generative AI linkage, secondary authentication, push message transmission, XAI, mobile dashboard support, automatic report creation, calling system, and customization support.

Expected effects upon introduction verified by various control sites such as companies/institutions

•

Increased security control center operational efficiency: AI operation increases efficiency in human resource operation and management

•

Reduce security control center management costs: Prevents hidden threats and reduces operating costs

•

Improved security policy stability and reliability: Stability/reliability of security policies gradually improves through AI

•

Centralized management of security information: Helps you get a clear picture of your overall security situation

•

Rapid incident response and recovery: Quickly analyze accidents and minimize damage according to defined processes

Sentinelle Key Features

Automatic processing and management of security events

•Security events specified by the administrator are automatically terminated after AI classification.

•Set the administrator to automatically process/analyze/terminate specific security events.

•Supports automatic termination of up to 4 million security events in 24 hours (If processed manually, up to 10,000 items can be processed when 21 people work 24 hours a day in 3 shifts at the control center)

•Automatic processing, check occurrence results and statistics by attack level, and check processing progress step by step

AI-enabled security threat inspection

•Additional verification of simple logs not detected in the security policy with an artificial intelligence (AI) engine

•When detecting a suspicious log, the attack probability is quantified and presented

•Based on the determination results, AI relearns and automatically applies field feedback

•Intuitively visualize the basis of detection results by applying XAI (Explainable AI)

AI suggested processing list

•AI analyzes existing processing methods and presents a list of optimal solutions

•If the person in charge selects one of the suggested options, the event will automatically end

•The response efficiency of advanced experts is improved by 130% through the use of AI, and even intermediate users can respond at an advanced level.

•Intuitively and specifically visualize the reason for the proposal by applying XAI (Explainable AI)

Security threat real-time dashboard

•Improved management efficiency by deleting unnecessary menus

•Configuration centered on essential functions such as control, mission, dashboard, and report

•Manage security events step by step from registration to termination

•Customized menus are provided for each controller and real-time status can be checked.

Expanded features: generative AI linkage, automatic report

•Can be linked with existing or self-secured AI

•Visualize real-time attack intensity and type by country and IP through 3D/2D Map

•Provides automatic report completion function (period, item, and file format can be selected)

cost savings

•No need to separately introduce SOC portal solution, SOAR automatic processing, and AI control solution

•Operational manpower input can be minimized through AI automatic processing and utilization of the processing suggestion list.

•Single platform-based operation reduces server resources and optimizes licensing costs

•Provides both on-premise and cloud methods (subscription type)

Areas requiring Sentinelle AI security control automation solution

•Institutions/companies that operate an existing integrated security event management system but are having difficulty managing it

•Institutions/companies that need to operate an integrated security event management system but are unable to introduce it due to operational issues

•Organizations/companies that operate an integrated security event control system

•Organizations/companies exposed to external hacking situations such as external network intrusions while providing network services

•Organizations/companies that require network security of internal networks, such as detection of insider abnormalities

•Organizations/companies using more than 10 security tools for security reasons

•Organizations/companies that have difficulty resolving security incidents because they do not have a response process

Types of companies that need Sentinelle AI security control automation solution

•

financial institution: Operated to protect sensitive financial data of customers such as banks, insurance companies, and investment companies, and to maintain the integrity of financial transactions

•

Government department or public institution: Operates to ensure national security and continuity of public services, including government ministries, local governments and public service providers

•

medical institution: Necessary to protect patients' personal health information and maintain the safety of the medical system in hospitals, medical networks, and research institutes.

•

large enterprise: Large corporations in various industries such as manufacturing, energy, distribution, and communications operate to protect the continuity of corporate assets and operations.

•

educational institution: Universities, research institutes, etc. operate to protect the data of students and faculty and safely manage research data.

•

IT service company: Cloud service providers, data center operators, managed service providers (MSPs), etc. operate to safely manage customer data and maintain service reliability.

•

E-commerce and technology companies: Necessary for customer information protection and service stability for online shopping malls, software development companies, technology startups, etc.

Intellectual property rights and key adoption cases

•

6 domestic patent registrations, 1 Japanese patent application (domestic patents 10-2794551, 10-2749050, 10-2744019, 10-2744022, 10-2744024, 10-2806577, Japanese application 2024-145878)

•

2024 Ministry of Science and ICT, IITP SW R&D Awards Ceremony: Received the Director Award from the National Institute of Information and Communications Planning and Evaluation

•

Central Election Commission: Establishment of Sentinelle through security control center SIEM advancement project

Built in the control center of major public institutions Next-generation AI security control automation solution: Code One Sentinelle

Sentinelle is a security control automation platform based on artificial intelligence (AI). Achieve integrated threat management and intelligent response even in complex security infrastructure environments. We respond quickly and accurately to cyber attacks with processing strategies accumulated through verification in actual security control environments. Integrated management of security data through linkage with various security systems and SIEM solutions, effectively detects even covert attacks and unknown new attacks. The AI-based analysis engine goes beyond policy-based detection to identify potential attacks, automatically classifies and processes detected security events, or suggests prioritized optimal response plans depending on the situation, supporting quick and accurate decision-making by security personnel.

In addition, an explainable artificial intelligence (XAI) dashboard visually expresses detection grounds and risk factors, helping administrators clearly understand detection results and implement data-based responses. Sentinelle has excellent processing performance to reliably handle large-scale security events and scalability and flexibility to flexibly respond to changing security environments. In addition, it provides an integrated control dashboard that allows operators to check the entire process of occurrence - analysis - response at a glance, further enhancing the operator's security control experience. In addition, we provide consulting, training, and service support for products according to the needs of companies and organizations. We use our extensive construction experience to ensure smooth operation of products introduced by actual companies, and continuously provide updates and maintenance for products.

With Sentinelle, Security control becomes faster, more accurate and smarter

What is Sentinelle?

Sentinelle (Security Operations Hyper-Automation Solution)

Deployment Model

·Designed to operate on top of existing SIEM without replacing it

·Can be deployed while maintaining the organization's existing security infrastructure as-is

·Applied by adding an AI automation layer on top of the current environment without changing existing SIEM operations

·Ensures operational continuity by minimizing upfront deployment costs and transition risks while leveraging existing SIEM capabilities

AX (AI Transformation)

·The core purpose of Sentinelle is to transform the operational structure so that AI handles the primary tasks previously performed by security operations personnel

·In traditional environments, analysts had to manually review tens of thousands of events per day and individually assess each one for potential attacks

·This environment structurally causes analyst fatigue to accumulate as event volumes grow, delaying response to real threats

·Sentinelle resolves this not through partial feature improvements but by transforming the operational structure itself

·Transitioning to a structure where AI leads operations and analysts focus on strategic decisions is the essential value of Sentinelle

Key Features

·Security events designated by users are automatically closed without additional personnel intervention

·Specific security events automatically execute playbooks based on user pre-configured settings

·Analysts can focus solely on strategic decisions based on AI-processed results

·Attack similarity analysis is performed in parallel even for general security events not classified as attacks

·Even events that do not trigger current detection criteria are continuously monitored for potential threat patterns

·This minimizes detection blind spots and ensures visibility to identify early warning signs of anomalies within the organization's environment

·Logs judged as attack events are continuously accumulated and used as retraining data for the operating AI detection engine

·Updated models are immediately reflected in the detection engine, applying improved criteria from the next event processing

·This progressively forms an environment-adaptive model optimized for a specific organization's log environment and attack patterns

Security Operations Center Support Features

·Helps security personnel directly configure the items they need and accurately understand the current security situation

·Sentinelle provides an intuitive real-time dashboard to improve the operational efficiency of the Security Operations Center

·Security personnel can rapidly understand complex threat data and make immediate response decisions

·Sentinelle provides a feature to generate security statistics and analysis results in report format by directly setting the period and items

·Generated reports can be downloaded in various file formats including PDF, DOC, and HWP

·Can be used for various purposes including management reporting, audit response, and compliance documentation

Why use Sentinelle?

The Need for AI Security Event Automatic Processing System

Product Introduction

Product Features

Auto-Processing

Solution-Suggestion

Similarity-Detection

Timeline-Management

Ticket-Management

Graphics

Reports

1. Threat Auto-Processing Function

AI automatic processing for low-level threats and designated specific attacks

· Ability to configure automatic processing for specific attacks
· Automatic processing of 20 million low-level attacks in 24 hours (based on 21 people working in 3 shifts for 24 hours, processing 10,000 per day/21 people)
· Verification of automatic processing results and statistics
· View of attack occurrence status by level

CodeOne

Sentinelle

Sentinelle (Security Operations Hyper-Automation Solution)

Sentinellef Features

Expected effects upon introduction verified by various control sites such as companies/institutions

Sentinelle Key Features

Automatic processing and management of security events

AI-enabled security threat inspection

AI suggested processing list

Security threat real-time dashboard

Expanded features: generative AI linkage, automatic report

cost savings

Areas requiring Sentinelle AI security control automation solution

Types of companies that need Sentinelle AI security control automation solution

Intellectual property rights and key adoption cases

Built in the control center of major public institutions Next-generation AI security control automation solution: Code One Sentinelle

With Sentinelle, Security control becomes faster, more accurate and smarter

What is Sentinelle?

Sentinelle (Security Operations Hyper-Automation Solution)

Deployment Model

AX (AI Transformation)

Key Features

Security Operations Center Support Features

Why use Sentinelle?

The Need for AI Security Event Automatic Processing System

Product Introduction

Product Features

1. Threat Auto-Processing Function

Introduction video