en.Wedoany.com Reported - AWS and LG CNS have proposed "machine-speed security" as a security response strategy in the era of artificial intelligence (AI). This strategy enhances security response speed by automating detection, analysis, and processing workflows to match the speed of attacks. With the proliferation of generative AI and high-performance AI models, the time required for vulnerability discovery and attack code generation has shortened, pushing enterprise security systems toward automation-centric approaches.

AWS Korea held the "AWS Security 101 Press Conference" at its office in Gangnam-gu, Seoul on the 1st, sharing AWS's multi-layered security system and machine-speed security automation, along with LG CNS's application case of the AWS Security Agent.
AI Threats: Scale, Speed, and Accessibility Have Changed
Shin Eun-soo (Principal Security Solutions Architect at AWS Korea) stated that the emergence of high-performance AI could disrupt conventional perceptions of time. He explained that discovering vulnerabilities and crafting attack codes previously took days or longer, but this time has been significantly reduced with AI.
Shin categorized the differences in AI security threats into scale, speed, and accessibility. He noted that high-performance AI makes it easy and convenient to find vulnerabilities, inevitably leading to a significant increase in the number of vulnerabilities enterprises receive. He also emphasized the speed issue, pointing out that vulnerability discovery time is drastically shorter compared to manual discovery, and attackers react much faster than compliance frameworks, meaning existing security checks and patch processes alone may be insufficient.
AWS proposed automated reasoning, proactive security systems, and security agents as countermeasures. Shin stressed that security cannot rely solely on probabilistic methods, and AWS adopts a deterministic approach rather than a probabilistic one. He explained that to reduce the likelihood of AI providing plausible but incorrect answers, security verification uses a method based on established logic and rules for judgment.
The AWS Security Agent is an AI security agent that autonomously performs hacker simulations to discover vulnerabilities. Shin stated that the penetration testing provided by the Security Agent involves generative AI automatically executing what was previously done manually by humans.
AI Penetration Testing: Reducing Inspection Time and Costs
At the conference, Lee Jin-wook, Head of the LG CNS Red Team, introduced a case of applying machine-speed security to actual security inspection processes using the AWS Security Agent. LG CNS has established a security inspection system where AI agents first perform repetitive penetration testing, and white-hat hackers verify the results. This adds an AI inspection step to the existing process to increase speed, allowing experts to focus on verifying complex vulnerabilities.
The LG CNS Red Team is a security expert organization composed of white-hat hackers responsible for conducting simulated hacker attacks and eliminating vulnerabilities for client companies and its own solutions. LG CNS operates a "quality gate" process that checks performance, legal, privacy, and security items before delivering developed solutions to clients.

Lee cited the increasing demand for security inspections as the background for introducing AI. He stated that with 2024 as 100%, demand is expected to grow by over 30% by 2026, driven by heightened client anxiety due to major security incidents and increased demand for simulated hacker attacks from changes caused by AI transformation (AX) projects. He also noted the limitations of existing automation tools and expert inspections, where dynamic application security testing tools generate many false positives due to pattern-based scanning, and expert penetration testing, while effective at identifying business vulnerabilities, is costly and time-consuming.
LG CNS views AI-driven penetration testing as a means of executing machine-speed security. Lee said that AI agents act like white-hat hackers and can discover various vulnerabilities. Practical application results are reflected in inspection time and cost savings: in a model including expert verification, the average inspection cycle was reduced from 5 days to 3 days; when executed solely by the AWS Security Agent, it was reduced from 5 days to 1 day. Costs were reduced by 30% and 70%, respectively.
Lee stated that with the advancement of AI, the barrier to acquiring attack techniques has lowered, increasing the necessity for inspections against external attacks. However, the burden of continuously expanding expert teams such as white-hat hackers is heavy, making the AWS Security Agent a viable solution.









