Integrated Security Rises Against 'Seconds-Long' Hacks... Goal: AI-Managed Protection Systems
AI-Powered Extended Detection and Response Platforms
Toward Autonomous SOCs with Automated AI Response
Google recently discovered cases in which hacking groups used artificial intelligence (AI) to develop 'zero-day' attack code, which targets vulnerabilities before security patches are distributed. John Hultquist, Senior Analyst at Google, stated, "Attackers are using AI in various ways to increase the speed, scale, and sophistication of their attacks."
As concerns grow over 'zero-day' attacks due to the proliferation of AI, the security industry is moving to strengthen integrated security operating systems that enable AI to manage the overall security environment in real time.
As of May 26, domestic cybersecurity companies are enhancing their Extended Detection and Response (XDR) platforms. In the past, multiple individual products were needed, one for each area of the security infrastructure, such as endpoints, networks, and the cloud. XDR instead allows integrated management within a single platform.
AhnLab has integrated the conversational AI security assistant "Annie" into its Software-as-a-Service (SaaS) security threat analysis platform "AhnLab XDR." Logpresso has also launched its AI-based XDR platform "Logpresso Sona 5.0." This platform integrates a range of security infrastructure monitoring features, from attack surface management to real-time threat analysis and response, by deploying an AI agent.
There is also active movement toward establishing autonomous Security Operations Centers (SOCs) where AI analyzes security alerts, determines threat priorities, and initiates responses. Since multiple functions can be connected within a single platform rather than through individual solutions, this approach reduces security operation costs. In addition, AI can detect and respond to threats with real-time precision, making this an efficient solution that is gaining traction.
To build an autonomous SOC, Igloo Corporation obtained two related technology patents on May 19. The patents cover technology for identifying and blocking high-risk attacks among security alerts and technology that enables AI to evaluate system vulnerabilities and automatically implement defensive measures. SK Shieldus has developed AI technology that analyzes irregular cyberattack data and plans to expand research aimed at establishing an autonomous SOC.
The Korea Internet & Security Agency (KISA) is also promoting its "Information Security New Technology Support Project" this year, supporting the development of integrated security platforms that use AI to automate threat detection, analysis, and response throughout all system areas.
Some global companies are already achieving results in building autonomous SOCs. On Palo Alto Networks' SOC platform "Cortex XSIAM," AI agents automatically analyze cyber threats and generate response codes. Last month, Google Cloud added three agents based on its Gemini AI model to its security operations system, enabling the platform to autonomously handle everything from threat investigation to response support.
The speed of cyberattacks is accelerating with advances in AI technology. According to CrowdStrike's "2026 Global Threat Report," attacks using AI increased by 89% last year compared to the previous year. In particular, the average intrusion time for cyberattacks was reduced by 65% year-on-year, down to 29 minutes, and the fastest case took only 27 seconds. As attacks can occur within just 20 to 30 minutes, environments have emerged where it is no longer possible to respond with manual human analysis and individual solutions alone.
An industry insider said, "Market demand is shifting from individual security solutions with single functions to integrated security solutions that cover vast areas. Fragmented individual technologies alone cannot counter intelligent threats, and a comprehensive defense system is necessary."
© The Asia Business Daily (www.asiae.co.kr). All rights reserved.