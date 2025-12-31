Sungkyun Jung, CEO of Meta Forensics (Incubation company at DDM Youth Startup Center Unicorn)



Combines on-device AI scanners with cloud intelligence

Analyzes the ‘genetic lineage’ of malware in real time without uploading original files

Meta Forensics, a startup that develops and provides AI security solutions, is setting a new agenda in the market. Founded in April 2022 by CEO Sungkyun Jung (32), the company has expressed an ambitious vision to address long-standing challenges in the industry through a malware modeling and analysis platform powered by cutting-edge AI technology.Meta Forensics’ core competitiveness lies in its integrated workflow that connects the on-device AI scanner ‘Semantics-AV’ with the cloud-based ‘Semantics-Intelligence’ platform. First, the scanner directly analyzes files in the user’s local environment for prompt detection of threats. When deeper analysis is needed, the user can query only the unique characteristics of the file on the cloud platform based on the detection results. The final output of this workflow, which combines the speed and security of offline processing with the in-depth analytical capabilities of online systems, is an expert-level security analysis report instantly generated through a large language model (LLM).“The conventional analysis required sending sensitive original files to external servers, which raised concerns about data leaks and inefficiency. We address this issue by enabling on-device AI to extract only the file’s unique genetic feature vectors. With just this small ‘fingerprint,’ users can query our cloud intelligence to obtain in-depth context by comparing it with an extensive malware database. This technology of providing in-depth analysis without sending original files represents an unprecedented approach and has the potential to redefine the paradigm of malware analysis.”Meta Forensics’ bold move lies in its technological confidence to break the industry’s so-called ‘safe consensus.’ CEO Jung explained it this way. “The reason the industry still heavily relies on traditional database-based malware detection methods and leaves AI as an auxiliary tool only is due to two dilemmas: the chronic ‘false positive’ problem of AI and the issue of ‘explainability,’ where even when a threat is detected, it remains unclear why it is considered a threat. We are tackling this challenge head-on with ‘Semantics-AV,’ a Pure AI-Native engine that intentionally removes that safety net. This reflects our confidence that our AI has achieved reliability with a low false positive rate and transparency by presenting the reasoning behind its decisions. We plan to prove its value by distributing the scanner so that anyone can directly compare and verify its performance.”“This technological disclosure goes beyond proving transparency; it marks the first step toward our greater goal of ‘popularizing premium threat intelligence.’ The traditional threat intelligence market has been accessible only through costly B2B contracts, effectively making it the exclusive domain of a few experts and large corporations. We aim to break down this barrier to information accessibility. Through our freely distributed scanner, all developers and small organizations can experience the value of our technology and, when deeper analysis is needed, easily access the Semantics-Intelligence platform through an affordable API plan.”Furthermore, the complex analytical results of the intelligence are automatically generated into natural-language reports that can be immediately understood even by non-experts. The CEO emphasized the core value of the company’s platform in this process. “Large Language Models (LLMs), which have recently drawn significant attention, truly demonstrate their value only when paired with the right questions and context. The true role of our Semantics-Intelligence platform is to provide precisely this optimal context. Rather than merely labeling a file as ‘malicious,’ our system presents objective data on its genetic relationships and risk levels, which naturally results in reports containing deep insights.”Based on this technological philosophy, Meta Forensics is implementing a bottom-up approach, reaching out directly to the developer community instead of relying on traditional B2B sales. As the first step, the company plans to release the Linux version of Semantics-AV on GitHub in the near future. CEO Jung explained that this release carries significance beyond a simple product distribution.Regarding future plans, he presented a clear roadmap, stating, “Our goal is to make our product a fundamental tool that every developer in the world can trust and use.”“The first goal is to inherit the ecosystem of ‘ClamAV.’ Our goal is for Semantics-AV to become the new standard scanner, replacing ClamAV in the field of Linux server security scanning. To achieve this, we will actively incorporate feedback from the community and provide developer-friendly deployment options, such as Docker containers and daemons. The second goal is to establish a new standard for initial analysis. If multi-engine scanning services, like VirusTotal, represent the ‘collective intelligence’ of numerous security companies, we can offer deeper insights through the unique ‘genetic context’ provided by a single AI engine. We hope that the Semantics-Intelligence API will become the ‘first point of reference’ for quickly and accurately determining the identity and risk of any detected threat.”reporter jinho leejinho2323@hankyung.com