
As the speed and scale of cyberattacks shift rapidly with the advance of high-performance artificial intelligence (AI), a proposal has emerged that cloud security must also evolve to a "machine speed" phase that responds in real time using AI.
Shin Eun-soo, Principal Security Solutions Architect (PSA) at Amazon Web Services (AWS) Korea, spoke as a presenter at a press briefing held Monday at the AWS Korea office in Yeoksam-dong, Seoul. "With the emergence of high-performance AI, the speed and methods of security response are fundamentally changing," Shin said. "To respond to threats that are becoming increasingly faster and larger in scale, companies must also prepare response tools."
Global frontier AI companies have recently released models capable of everything from vulnerability detection to generating exploit code and suggesting fixes. Recent benchmarks showed attack success rates reaching up to 87%. As a result, the average time for an attacker to successfully hack has been dramatically shortened, from 2.3 years in 2018 to 5 days in 2024, and now to about 20 hours.
By contrast, it still takes companies an average of 32 to 38 days to apply security patches, meaning the gap is widening further. "97% of organizations that experienced AI-related security incidents lacked adequate access control mechanisms," Shin said. "As vulnerabilities that used to emerge at a rate of one or two a day now pour out by the hundreds, security professionals could face burnout from work overload."
Shin introduced AWS's multi-layered defense system to respond to this. AWS operates automated reasoning technology, which perfectly verifies the safety of security policies and network configurations through mathematical algorithms, built into various services. AWS Security currently analyzes 400 trillion network flows per day, monitors an average of 8.8 trillion events per hour through Amazon GuardDuty, and protects more than 1 billion EC2 instances (cloud virtual servers). Last year, it also blocked more than 300 million malicious encryption attempts targeting customer data stored in Amazon S3.
In particular, AWS put "AWS Continuum," which automates the entire process from discovery to verification and remediation of security threats, at the forefront. In this system, which combines prioritization, verification, and remediation agents, AI autonomously performs the full cycle of penetration testing, code scanning, and threat modeling. Japanese software-as-a-service (SaaS) security company HENGE actually adopted the AWS Security Agent to build a 24-hour autonomous penetration testing system, shortening the security verification period by more than 90%.
Lee Jin-wook, head of the LG CNS RED team, said, "The threat of high-performance AI is now too close to say it is far away," and disclosed verification results from adopting the "AWS Security Agent" in an actual work environment. According to Lee, when additional system context such as actual account permission information was provided, review reliability rose from the previous 60% to 90%.
The cost and time savings were also dramatic. In a hybrid approach combining expert verification, review costs were cut by 30% and the period was shortened from 5 days to 3 days. Going a step further, when the Security Agent performed the task alone, costs were reduced by 70% compared to before, and review time was cut by 80%, from 5 days to just 1 day.
"We confirmed excellent effects across overall areas including speed, expertise, cost, and pipeline integration," Lee said. "We successfully completed technical verification for some services through the second quarter of this year, and we plan to expand the scope of security application company-wide from the third quarter onward."







