Security updates and antivirus are not the same.
Having the latest updates to Windows is extremely important. Some updates are minor, however some are major security updates that protect you from malicious users and programs. Even if your Windows XP is completely up to date, that doesnt mean new exploits cannot be found and exploited. And since Windows XP is no longer supported, there will be no more patches to fix any new security holes.
Running Windows XP, now that it is no longer supported, is playing with fire. Sooner or later, someone will find a security flaw that can be used maliciously.
Having up to date anti-malware/virus is also important, however those programs will only protect you from known viruses/malware. An undetected program can use an unpatched security exploit and wreak havoc. That coupled with the fact these anti-malware programs are far from perfect at detecting even known malware, you are taking a risk.
IMO, I would recommend getting off of Windows XP. Windows 7,8, and 10 are far more stable and secure. Another option would be to move to Linux, but that has its own downsides.
Yes, you can stay on Windows XP and you might not ever have a problem, but is that a risk you are willing to take?