In the age of Mythos, security is more important than ever
Vulnerabilities are a reality of every technological device and code base in existence. This has been true for as long as I’ve been in security. The difference is that with AI, the speed and scale at which they’re discovered and exploited is exponentially greater.
AI is a double-edged sword in security. The same capability that lets defenders find vulnerabilities faster also puts that power in the hands of attackers. That's what makes Anthropic's Claude Mythos so significant — a model trained to be exceptionally good at software engineering also turns out to be equally good at finding what's been hiding in complex codebases for years. Things that have been sitting quietly, waiting to be found.
The uncomfortable truth is that if you can use AI to find vulnerabilities in your own products, the bad guys can too. And the window between discovery and exploitation has narrowed dramatically — meaning attackers may already be inside your infrastructure before you even know the vulnerability exists, let alone have a patch or mitigation ready to deploy.
That changes the equation for security leaders. Organizations can no longer assume they’ll have days or weeks to respond once vulnerabilities are discovered.
Is Mythos just another LLM, or is it the world’s most dangerous cyberweapon?
So…what’s an IT professional to do? Is Mythos just another LLM, or is it the world’s most dangerous cyberweapon?
Familiar with Mythos as a Project Glasswing participant from our experiences using it to assess code across HPE’s wide product portfolio, we at HPE would argue that it’s somewhere in the middle. Mythos is very good at understanding large software projects and finding non-trivial bugs, particularly in memory management, but is not an unstoppable weapon that will escape all guardrails and take over. Critically, IT professionals have to rethink what they’re already using for security.
We've believed for years that the network is one of the most underutilized tools in the defender's toolkit. The network can see it all. Every device, every connection, every anomalous behavior pattern; it's all there if you're paying attention. A home-office router used as a stepping stone into critical government infrastructure. An IoT device suddenly reaching out to systems it has no business talking to. Lateral movement that would be invisible to a perimeter-focused defense. The network knows.
In the era of AI-driven threats, organizations need to start treating the network as a real-time security sensor — not just infrastructure that moves traffic.
And in the era of AI-driven threats, organizations need to start treating the network as a real-time security sensor — not just infrastructure that moves traffic.
But identifying vulnerabilities is only half the equation. The other half is what you do with that information: how it gets acted on, and how directly it feeds into the defenses you’re already running. That's why HPE Threat Labs exists — not just to track what's happening in the wild, but to actively try to break our own products before anyone else does. The insights we surface feed into our AI-native networking and security solutions, closing the loop between finding a problem and fixing it.
Which brings us to the practical question: what should organizations actually be doing now?
- Adopt a Zero Trust approach that puts the network at the center of enforcement. Authenticate access as close to the user as possible, at the switch or access point, and continuously monitor active sessions so that if an endpoint gets compromised after a connection is made, that session gets dropped immediately. Not alerted on. Dropped.
- Prepare to accelerate change management processes. AI-assisted vulnerability discovery will likely result in a higher volume of security advisories, often with critical severity ratings. Waiting for regularly scheduled maintenance windows may no longer be fast enough. Organizations should be prepared to prioritize emergency patching and faster remediation workflows.
- Be willing to make difficult operational tradeoffs. There will be moments where you won't have time to fully test every update deployment. While neither outcome is ideal, a temporary outage may be preferable to allowing attackers to establish a long-term foothold in your environment.
- Reduce complexity where you can. Vendors naturally prioritize patches for their most widely deployed software lines first. Organizations running heavily customized environments or unique configurations may wait longer for updates and receive less-tested patches. Standardizing on mainstream, broadly supported configurations improves resilience and speeds remediation.
- Break down silos between networking and security teams. Threats move too fast for disconnected operations. Shared visibility, shared policy frameworks, and coordinated response across networking and security functions are becoming essential, and
- Use the tools at hand, including Mythos, to change how you do software development going forward. AI models must now become a permanent part of the code review process.
None of this is glamorous. But it's what separates the organizations that recover quickly from the ones that don't.
The vision — and I think it's a realistic one — is that AI ultimately helps us reach a world with fewer vulnerabilities in the systems critical infrastructure depends on. But getting there requires organizations to rethink how they approach resilience altogether. In an AI-driven threat landscape, resilience will increasingly depend on continuous visibility, faster operational response, AI-native architectures, and security that is deeply integrated into the network itself.
That’s what HPE is working to help customers build.
























