Qihoo 360’s AI cyber tools push vulnerability hunting and defense into one agentic stack

Qihoo 360 Security Technology is trying to turn AI security from a point product into a coordinated stack.

At a Beijing conference, founder Zhou Hongyi unveiled two tools: Tu Long Feng, which he said automatically hunts for vulnerabilities, and Yi Tian Zhen, which automates cyber defense. The company is pitching them as China’s answer to Anthropic’s Mythos, but the more interesting detail is architectural rather than rhetorical: 360 says it is using an agent-based approach that pairs models with security expertise and automated tooling.

That combination matters. In security operations, the hard part is not just generating plausible findings or recommendations. It is moving from detection to validation to action without losing control of the workflow. By placing models inside an agent loop that can invoke tools, 360 is signaling an ambition to push AI deeper into the SOC stack, where the system would not merely summarize alerts but participate in vulnerability discovery and defensive orchestration.

Zhou said Tu Long Feng has already flagged 3,432 vulnerabilities. That figure should be treated as a company claim unless independently verified, but it is still revealing: 360 wants the market to read the product as more than a proof of concept. The message is that automated vulnerability hunting can be operationalized at scale, not just demonstrated on a benchmark or a narrow lab target.

Yi Tian Zhen appears to be the counterpart on the response side. If Tu Long Feng is the discovery engine, Yi Tian Zhen is the control layer for automated defense. In practice, that likely means ingesting telemetry, correlating alerts, selecting or recommending defensive actions, and pushing those actions into existing security workflows. The promise is a tighter loop between finding weaknesses and containing them. The risk is obvious: once an agent is empowered to act, mistakes become operational, not theoretical.

That is where the technical questions begin.

Agent-based security systems can compress the time between a signal and a response, but only if the surrounding controls are strong enough to prevent the model from amplifying noise. False positives are a particular concern in vulnerability hunting. A system that flags too aggressively can swamp analysts, while one that is too conservative may miss exploitable issues altogether. In defense automation, the stakes are even higher, because a bad recommendation can disrupt services, block legitimate traffic, or create blind spots elsewhere in the environment.

The practical issues are not only about accuracy. They are also about governance. A SOC that adopts tools like these needs a clear answer to several questions: What actions can the agent take autonomously? Which steps require human approval? How are outputs logged and audited? What evidence is retained for later review? How are model updates tested before they are deployed into production? Without those controls, “automation” becomes a euphemism for opaque decision-making.

Interoperability is another constraint. Real security teams already run mixed stacks of SIEM, SOAR, EDR, ticketing, and vulnerability management tools. An agentic system only becomes useful if it can sit inside that environment without creating yet another silo. That means clean integrations, deterministic handoffs, and enough observability for analysts to understand why the model chose a particular course of action.

The broader market framing is just as significant. Zhou has said China’s top AI models still trail Western systems by 20 to 30 percent, and he casts advanced AI vulnerability models as a strategic deterrent problem rather than a normal product category. In his telling, the issue is not simply feature parity with a Western vendor like Anthropic. It is the risk of one side monopolizing capabilities that can both expose and defend critical systems.

That language is deliberate. By comparing AI-enabled vulnerability research to a strategic weapon, 360 is trying to reclassify cyber AI from enterprise tooling to national capability. Whether one accepts that framing or not, it has consequences for incentives. Vendors may be pushed to emphasize defensive automation, governments may take a closer interest in dual-use tooling, and customers may begin to evaluate products not just on detection accuracy but on how safely they can be governed.

The comparison with Mythos also tells you how 360 wants to be judged. It is not presenting Tu Long Feng and Yi Tian Zhen as incremental add-ons to existing security products. It is positioning them as part of a race to build general-purpose cyber AI systems that can find weaknesses and mount defenses with minimal human intervention. That is a more ambitious thesis than traditional security automation, and it is also harder to validate.

For now, the central question is whether 360’s claims survive contact with production environments. Independent benchmarking will matter more than launch-stage claims of thousands of vulnerabilities found. So will evidence of safe SOC integration, auditability, and clear human override points. If those pieces are absent, the tools may still be useful, but only as assisted workflows rather than autonomous defenders.

What to watch next is straightforward: whether 360 publishes verifiable performance data, how much control operators retain over the agents, how the tools integrate with existing SOC stacks, and whether competitors answer with similar agentic architectures. Until then, Tu Long Feng and Yi Tian Zhen are best read as both a product announcement and a market signal — one that argues cyber AI is entering an escalation phase, even if the operational proof is still ahead of the rhetoric.