AI and Cybersecurity: Why Open Source Actually Matters Now

The cybersecurity world is having a moment. Mythos and Project Glasswing hit the scene, and suddenly everyone’s talking about AI agents finding and patching vulnerabilities at machine speed. I’ve been watching this space long enough to know hype when I see it, but this time the underlying shift is real.

Let’s cut through the noise.

Mythos Isn’t What You Think It Is

Mythos is being called a “frontier AI model,” but that’s misleading. Yes, it’s a large language model that can process code. Yes, it performs well on code tasks. But the real breakthrough isn’t the model itself—it’s the system wrapped around it.

The recipe looks like this: serious compute power, models trained on massive code datasets, scaffolding designed for vulnerability probing and patching, speed (which money buys), and a degree of autonomy. Put those together and you get something that can find exploits, build patches, and do it fast.

This matters because the recipe is replicable. You don’t need Mythos-sized models to get similar results. Smaller models embedded in well-designed systems with real security expertise can probably do the same thing for less money. AI cybersecurity capability is jagged—it doesn’t scale neatly with model size or benchmark scores. The system matters more than the model.

What Mythos actually proves is that we can build AI systems that autonomously find and fix software vulnerabilities. We knew this was coming. But we’re only starting to understand what it means when these systems can act at machine speed without waiting for a human to click “yes.”

Openness as a Structural Advantage, Not a Philosophy

As autonomous vulnerability-hunting systems proliferate—and they will—open code and tooling become a strategic asset, not just a nice-to-have.

Software security has become a four-stage speed race: detect the vulnerability, verify it, coordinate a fix, and propagate the patch. In an open ecosystem, those stages get distributed across a community. In a closed-source project, they’re centralized inside a single vendor. That’s a single point of failure—one organization that can see and fix the code, and one organization that can miss it.

Open development is structurally more resilient here. Look at the Linux kernel security team, the Open Source Security Foundation, or the supply-chain security work happening at Hugging Face. These are communities where security professionals are embedded in the development process, not bolted on after the fact.

The counterargument I keep hearing is “security through obscurity”—hiding the code makes it harder to attack. That argument is getting weaker by the day. AI systems are increasingly good at reverse engineering stripped binaries. Most legacy firmware and embedded code is closed, binary-only, and no longer maintained. That’s a huge attack surface, and it’s becoming more legible to AI tools every quarter.

There’s another risk that doesn’t get enough attention: how AI is being used inside closed codebases. When companies adopt AI coding tools and evaluate engineers on feature volume instead of code quality, AI-accelerated development can introduce more vulnerabilities than traditional development would. Those vulnerabilities sit inside a closed codebase where only one organization can find and fix them. Meanwhile, AI-enabled attackers are getting better at finding them from the outside. More vulnerabilities produced faster, behind a single-organization firewall—that’s exactly the imbalance open ecosystems are designed to avoid.

Underneath all of this is capability asymmetry between attackers and defenders. Open models and open tooling narrow that gap. They give defenders access to the same class of capabilities attackers can reach for, instead of concentrating those capabilities within a handful of well-resourced entities.

Semi-Autonomous Agents Are the Sweet Spot

Based on what I’ve seen in the Mythos system card, it can operate with close to full autonomy. That’s concerning. We’ve been advising against fully autonomous AI agents for security work because of the potential for loss of control.

Semi-autonomous agents are a different story. You prespecify what actions they can take, require human approval for certain steps, and keep people in the loop. The AI handles specific subtasks—scanning code, identifying potential vulnerabilities, suggesting patches—while humans make the final call.

This is where open code shines. Organizations can run these semi-autonomous agents privately within their own infrastructure, specifying exactly what tools, skills, and system access the agent has. No data leaves the building. No third-party vendor sees your internal code. The agent finds vulnerabilities, assists with patches, and does it all under human supervision.
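A minimal sketch of the control described above, added here as an illustration and not taken from Mythos or any named project: the agent's tool calls pass through a default-deny gate that allows read-only actions, asks a human before write actions, confines file access to one workspace, and records every decision. The action names, the workspace path and the stand-in approver are assumptions.

```python
import posixpath
from dataclasses import dataclass, field
from typing import Callable

ALLOW, ASK, DENY = "allow", "needs_approval", "deny"
WORKSPACE = "/srv/agent/repo"   # assumed checkout the agent may touch
POLICY = {                      # hypothetical action names
    "scan_code": ALLOW,
    "suggest_patch": ALLOW,
    "apply_patch": ASK,         # changes code: a human decides
    "open_pull_request": ASK,
}

def in_workspace(path: str, root: str = WORKSPACE) -> bool:
    """True only if path, with '..' collapsed, stays under root."""
    resolved = posixpath.normpath(posixpath.join(root, path))
    return resolved == root or resolved.startswith(root + "/")

@dataclass
class ActionGate:
    approver: Callable[[str, dict], bool]   # human decision hook
    policy: dict = field(default_factory=lambda: dict(POLICY))
    audit_log: list = field(default_factory=list)

    def request(self, action: str, args: dict) -> bool:
        rule = self.policy.get(action, DENY)   # unlisted actions are denied
        if rule != DENY and "path" in args and not in_workspace(args["path"]):
            outcome = "denied:out_of_scope"
        elif rule == ALLOW:
            outcome = "allowed"
        elif rule == ASK:
            ok = self.approver(action, args)
            outcome = "approved" if ok else "rejected"
        else:
            outcome = "denied:not_in_policy"
        self.audit_log.append((action, outcome))
        return outcome in ("allowed", "approved")

def demo():
    # Constructed stand-in for the reviewer: approves patches under src/ only.
    gate = ActionGate(lambda a, args: args.get("path", "").startswith("src/"))
    calls = [("scan_code", {"path": "src/parser.c"}),
             ("apply_patch", {"path": "src/parser.c"}),
             ("apply_patch", {"path": "deploy/prod.yaml"}),
             ("scan_code", {"path": "../../etc/shadow"}),
             ("run_shell", {"cmd": "make test"})]
    return [gate.request(a, args) for a, args in calls], gate.audit_log
```

In a real deployment the approver would block on an actual reviewer (a ticket, a chat prompt, a signed approval) rather than a lambda, and the audit log would go to storage the agent cannot write to.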

I’ve seen this approach work in practice with smaller teams. The barrier to entry is dropping fast. You don’t need a massive AI budget to deploy defensive agents. You need good open tools, a clear understanding of your attack surface, and the discipline to keep humans in control.

The Real Fight Is Over the System, Not the Model

The Mythos announcement has triggered the usual debates about open versus closed AI. But the cybersecurity angle makes this conversation more concrete than most.

Closed-source advocates will argue that proprietary systems are more secure because fewer people can see the code. That argument has always been shaky, and AI is making it untenable. When attackers can use AI to reverse engineer binaries and find vulnerabilities at scale, hiding your code doesn’t help as much as you think.

Meanwhile, the organizations that will benefit most from open AI cybersecurity tools are the ones that can least afford proprietary solutions: small businesses, nonprofits, critical infrastructure operators, and governments outside the tech hubs. Open tools level the playing field in a way that closed-source vendors never will.

The next few years are going to be messy. We’ll see AI-powered attacks that move faster than anything we’ve dealt with before. We’ll also see AI-powered defenses that can keep up—if we build them right. The choice isn’t between open and closed as abstract philosophies. It’s between distributed resilience and centralized fragility.

I know which side I’m betting on.
