Integrated Security Rises Against ‘Seconds-Long’ Hacks… Goal: AI-Managed Protection Systems #AI

Google recently discovered cases where hacking organizations developed ‘zero-day’ attack codes with the help of artificial intelligence (AI), targeting vulnerabilities before security patches are distributed. John Hultquist, Principal Analyst at Google, said, “Attackers are leveraging AI in various ways to increase the speed, scale, and sophistication of their attacks.”

As concerns over ‘zero-day’ attacks rise with the proliferation of AI, the cybersecurity industry is moving to strengthen integrated security operation systems that allow AI to manage the entire security environment in real time.

On the 26th, domestic cybersecurity companies have been enhancing their Extended Detection and Response (XDR) platforms. Unlike the past, where multiple standalone products were required for each area of security infrastructure—such as endpoints, networks, and cloud—XDR allows for integrated management within a single platform.

AhnLab has integrated a conversational AI security assistant named ‘Annie’ into its Software-as-a-Service (SaaS) security threat analysis platform ‘AhnLab XDR.’ Logpresso has also launched its AI-based XDR platform ‘Luna 5.0.’ These solutions integrate various security infrastructure monitoring functions, from attack surface management to real-time threat analysis and response, with AI agents to enhance capabilities.

There is also increasing momentum to establish autonomous Security Operation Centers (SOCs), where AI analyzes security alerts, prioritizes threats, and coordinates responses. Since multiple functions can be connected through a single platform rather than separate solutions, this reduces security operation costs. Moreover, AI can detect and respond to threats in real time with precision, making this approach a highly efficient solution.

For the construction of autonomous SOCs, Igloo Corporation acquired two related technology patents on the 19th. These include technology for selecting and blocking high-risk attacks among security alerts and technology for AI to assess system security vulnerabilities and automatically implement defensive measures. SK Shieldus also plans to expand its research for autonomous SOCs after developing AI technology that analyzes irregular cyberattack data.

The Korea Internet & Security Agency (KISA) is also promoting its ‘Information Security New Technology Support Project’ this year, helping to develop integrated security platforms that automate threat detection, analysis, and response across all system domains using AI.

Some global companies are already achieving results in building autonomous SOCs. In Palo Alto Networks’ SOC platform ‘Cortex XSIAM,’ AI agents automatically analyze cyber threats and generate response codes. Last month, Google Cloud also added three agents based on its own AI model Gemini to its security operating system, enabling autonomous processing of tasks from threat investigation to response support.

The advancement of AI technology is accelerating the pace of cyberattacks. According to the ‘2026 Global Threat Report’ by global cybersecurity company CrowdStrike, attacks utilizing AI increased by 89% last year compared to the previous year. In particular, the average breach time for cyberattacks shortened by 65% to just 29 minutes, with the fastest case taking only 27 seconds. Because attacks can occur within just 20 to 30 minutes, it has become impossible to respond with manual analysis and individual solutions alone.

An industry official said, “Market demand is shifting from individual security solutions with single functions to integrated security solutions that cover vast areas. Fragmented, standalone technologies alone cannot respond to intelligent threats, and a comprehensive defense system is essential.”

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.