Samsung SDS Strengthens Cybersecurity Competitiveness Through its Cooperations

Samsung SDS is reinforcing its cybersecurity capabilities by partnering with leading security firms worldwide, aiming to keep pace with the rapid diffusion of AI agents and the accelerating shift of enterprises to cloud environments. The company will work with AI‑security leader XBOW, domestic cloud‑security specialist Tatum Security to advance AI‑driven vulnerability detection, integrated cloud‑security monitoring, and incident‑response across the entire security lifecycle. Through these collaborations, Samsung SDS intends to enable corporate customers to adopt and operate AI and cloud services more safely, enhancing preventive measures as well as response and recovery functions.

Samsung SDS plans to broaden AI‑based vulnerability scanning for web‑based IT assets through its partnership with XBOW. Founded in 2024, XBOW attracted global attention in June 2025 by ranking first on HackerOne’s leaderboard, where its AI identified vulnerabilities faster and more accurately than world leading human experts. Leveraging XBOW’s technology, Samsung SDS will conduct simulated attacks that pinpoint hidden flaws in clients’ web services and data assets with greater speed and precision, allowing for prompt remediation. This offensive stance is expected to stabilize service availability, raise information‑protection standards, boost confidence among clients and end‑users, and reduce the likelihood of legal or financial losses stemming from security incidents.

Through cooperation with Tatum Security, Samsung SDS will also strengthen a unified security‑monitoring framework suited to multi‑cloud environments. Established in 2020, Tatum is a leading Korean CSPM startup that consolidates and visualizes resources across major public and private clouds - including AWS, Azure, GCP, and SCP - on a single console. The joint effort will give customers a consolidated view of assets and security posture across multiple clouds, enabling early detection of anomalies and risks. As a result, organizations can either prevent incidents before they occur or respond swiftly when problems arise. Samsung SDS anticipates expanding this partnership to cover cloud‑access and permission‑management services as well as joint development initiatives.

In addition, Samsung SDS is reinforcing its response capabilities before and after security incidents. As cyber threats have recently become more sophisticated and intelligent, the importance of rapid analysis, response, and recovery systems is growing. Accordingly, the company plans to offer an "Incident Response" service to support customers in maintaining business continuity and enhancing cyber resilience. This service will prevent further losses and shorten recovery times through agile analysis and measures when incidents occur, while also providing support for analyzing the cause of the incident and establishing measures to prevent recurrence.
VP Yong‑Min Chang, Security Business Team Leader at Samsung SDS remarked, “Through balanced partnerships with leading global and domestic security firms we have built a comprehensive cybersecurity framework that spans proactive prevention, continuous monitoring, and post‑incident recovery. By combining world‑class technology, locally tailored solutions, and Samsung SDS’s operational know‑how, we will proactively counter the surge of novel threats that accompany the widespread adoption of AI within enterprises.”


Keywords:
HackerOne – The world’s largest bug‑bounty platform, with 2.4 million ethical hackers.
CSPM: Cloud Security Posture Management - A solution that detects and remediates mis-configs and vulnerabilities in cloud environments, continuously managing overall security posture.
MSS: Managed Security Service - A service in which a specialized security provider monitors a client’s IT infrastructure and network, handling threat detection, response, and device management.
IR (Incident Response) – An organized service that swiftly detects, contains, eradicates, and recovers from cyber‑attack incidents, minimizing damage and restoring normal operations.