Claude Mythos has now created an entirely new structural shift in cybersecurity. To me, this shift is huge, and the impacts are merely mysteries. The time from a known vulnerability to becoming weaponized has gone from weeks to hours. Human speed defenses and vulnerability management will be obsolete. AI models can now scan entire code bases, chain complex exploits together, and engineer malicious tasks quicker than we can. So what do we humans do now, to rethink our architectures and prioritize containment and resilience? But what does that exactly mean, and what can we do to prepare?

Phase One: Immediate Triage

There are things that organizations can do today to start advancing their security programs. Innovative governance will be required to bring security, legal, engineering, and other key stakeholders together to onboard and fast-track defensive AI technologies and update relevant risk models. First, organizations need an AI Agent to conduct a security review on your pipelines, code, and all dependencies. Code needs to be checked by LLM engines and pass an LLM security review before being released out into the wild. There are several ways to do this, especially if you are not part of Project Glasswing. You can integrate tools into your GitHub workflows to serve as somewhat of a gatekeeper, like Snyk, CodeRabbit, or Codegen. Each comes with its own strengths, so it is key to find the best for your business. These "Coding Agents" are not optional and need to be implemented across all security functions. Making this usage mandatory allows integration into daily teams. Second, organizations can integrate and onboard other AI-first technology agents that build workflows with various classes of agents. Some are "Daily Drivers," others "Virtual Teammates," and others involve "Glue and Orchestration." The goal of using these agents is to move towards an AI-first SDLC/CID pipeline where 60-80% of the flow is written by agents, but designed by humans and supplemented with security checks. Right now, as organizations are discovering more with Glasswing, ensure your organization is ready to expedite the patching process and implement continuous vulnerability management.

Phase Two: Back to Basics and Enterprise Environment Hardening

Once you have taken immediate actions and performed triage, it is time to start enterprise hardening. Using AI inventorying of systems and assets provides the first part of continuous systems posture management. Your organization's System Bill of Materials needs to be continuously updated. When you use AI agents to scan your infrastructure, the SBOM gives the agents a map of your codebase and its dependencies. Organizations need a modern "BOM" stack that scans cloud infrastructure, infrastructure-as-code (IAC), and containers pre-and post-deployment. The new EU Cyber Resilience Act and the January 2026 EO require BOM generation. In addition to having current updated BOMs, ensure that identities, endpoints, servers, and devices are also appropriately inventoried as well. Organizations need to go back to the basics and verify and ensure their Zero Trust story. Double down on deep network segmentation, implement strong multi-factor authentication and ensure it's phishing-resistant, mandate Zero Trust, and egress point. In addition to doubling down on the original infrastructure risks we have discussed, deploying privileged AI agents introduces new threats and vulnerabilities as well. Some of these have been covered in previous blogs. Organizations need to define strict scope boundaries, mandate human override mechanisms, and audit the agent's prompts and tools with the exact same rigor as its permissions.

Phase Three: Long Term Goal

Prioritize team resilience. Human expertise is short and very impossible to replace. Leadership should consider encouraging the use of tools through proper training and enablement to be powerful with AI, but leverage their know-how of organizations and how to make them better. Second, as we have shifted to a continuous AI-first automated SecDevOps world, continuous Vulnerability Operations management practices need to be adopted. Creating a team that is responsible for continuous, autonomous vulnerability discovery and building automated remediation pipelines will help identify and remediate tasks quickly, and allow for the implementation of reverse engineering AI to continuously stay ahead of the latest threats.