The Mythos Moment: Enterprises Must Fight Agents with Agents

When Anthropic introduced its Claude Mythos Preview, it realized the enormous cyber risk it posed and decided it was too dangerous for public release. The model can identify and exploit software vulnerabilities with razor-sharp accuracy, and in malicious hands, it could prove catastrophic for organizations worldwide. While this model is yet another leap in AI, it has again put the spotlight on the rise of advanced agentic AI systems that can plan, decide, and execute tasks with autonomy. Security teams will have to battle a threat model configured to discover vulnerabilities and execute attacks at scale, without human intervention. As we have seen with Mythos, these systems are not at the experimental stage; the 1,500% rise in discussion about the malicious use of AI suggests that agentic AI frameworks are being operationalized. But it’s not just the frequency of attacks that is worrisome; the rapid adoption of agentic AI is poised to multiply the already high number of vulnerabilities. As discovery becomes automated, organizations will face a surge in zero-day exploits and newly disclosed CVEs, creating a constant stream of exposure. This evolving threat scenario is forcing the rise of equally autonomous agentic AI defensive countermeasures. Traditional Security is Falling Short Modern IT ecosystems are highly distributed, spanning cloud workloads, branch locations, remote users, edge devices, and more. Cybersecurity coverage for such environments typically includes firewalls, VPN gateways, and related services. Security frameworks play catch-up with new threats, adding more tools to the already burgeoning sprawl, with fragmentation creeping in. Such environments generate a mix of signals across multiple security layers, making it difficult to correlate signals and ward off sophisticated attacks. Agentic AI is making it more difficult for teams to build a strong security posture. They now have to reconcile with combating agentic AI attack chains that keep probing for vulnerabilities and, after identifying such vulnerabilities, craft dynamic, sequential attacks that can automatically pivot based on the defenses they encounter. And this is not the worst of it. Such attacks occur at machine speed, making them difficult to stop. Throwing more tools at this threat landscape is not the answer. It will just lead to more fragmentation, giving AI-driven cyberthreats a field day to exploit and create vulnerabilities. What is needed is a different security foundation. New Security Architecture for the AI Era A new security framework for the AI era should stand on three critical pillars: visibility, context, and autonomous control. Network Visibility: An attack launched in a distributed environment can easily spread across users, applications, and the cloud services of the IT infrastructure. Detecting such an attack based on a single element is impossible. A unified network is needed, one that provides complete visibility into the attack lifecycle by capturing and inspecting traffic across all domains over time. Platform Context: Visibility without context, however, creates noise rather than intelligence. The focus should be on understanding what is happening, and a converged platform helps you do that by correlating security and networking data in a single pane of glass, rather than piecing together signals from discrete tools post-incident. This architectural model ensures that context is not only provided but also preserved in real time for reconstruction later if needed. An AI attack begins with low-signal activities that appear benign in isolation but, with identified context, can be recognized as part of a larger attack sequence. This is actionable intelligence. Agentic Control: With attackers becoming autonomous and able to scale attacks at will and at speed, defense mechanisms must also operate at machine speed. Agentic systems can continuously analyze activity, identify emerging patterns, and dynamically generate protection. Slow, laborious human-led responses yield to security that responds in real time. Do not mistake this for automation; this is what I call autonomy in defense. Agentic systems can keep correlating activity across extended patterns, identifying patterns that appear benign, but as they continue viewing them over time, they appreciate their significance. In a threat theatre where attackers try to hide under the table with low-signal actions that culminate in serious incidents, continuous behavioral analytics are critical for staying on top of such threats. Agentic-Driven Defenses for a New Threat Landscape Traditional enterprise defenses cannot protect against a threat landscape led by autonomous attacks. Manual investigation or human-led escalation will only be playing catch-up. A future-ready enterprise defense should be an agentic, AI-driven system that enables day-to-day security operations at machine speed. This framework is best served by a same-day vulnerability protection agent that automatically generates and enforces protections the moment new threats are disclosed, closing the gap between CVE publication and remediation. It can also include a zero-day attack protection agent that continuously analyzes activity for early signs of unknown attacks, then dynamically creates and deploys protections before the attack chain can escalate. Together, these agents make the enterprise defense more continuous, coordinated, and immediate in its detection, interpretation, and response. When full lifecycle visibility, real-time contextual intelligence, and autonomous control come together, they enable a fundamentally new kind of mitigation. They enable an agentic defender to match agentic attackers in speed, scale, and continuous adaptation, while directing those capabilities toward protection rather than exploitation. Learn More at the AI Risk Summit | Ritz-Carlton, Half Moon Bay Related: Claude Mythos Finds 271 Firefox Vulnerabilities Related: Critical Vulnerability in Claude Code Emerges Days After Source Leak WRITTEN BY Etay Maor Etay Maor is Vice President of Threat Intelligence at Cato Networks, a founding member of Cato CTRL, and an industry-recognized cybersecurity researcher. Prior to joining Cato in 2021, Etay was the chief security officer for IntSights (acquired by Rapid7), where he led strategic cybersecurity research and security services. Etay has also held senior security positions at Trusteer (acquired by IBM) and RSA Security’s Cyber Threats Research Labs. Etay is an adjunct professor at Boston College and is part of the Call for Paper (CFP) committees for the RSA Conference and Qubits Conference. Etay holds a Master’s degree in Counterterrorism and Cyber-Terrorism and a Bachelor's degree in Computer Science from IDC Herzliya. More from Etay Maor Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw Living off the AI: The Next Evolution of Attacker Tradecraft Rethinking Security for Agentic AI How TTP-based Defenses Outperform Traditional IoC Hunting Will AI-SPM Become the Standard Security Layer for Safe AI Adoption? Who’s Really Behind the Mask? Combatting Identity Fraud The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce Applying the OODA Loop to Solve the Shadow AI Problem Latest News Cyber Insurance Data Gives CISOs New Ammo for Budget Talks Vimeo Confirms User and Customer Data Breach Webinar Today: A Step-by-Step Approach to AI Governance Robinhood Vulnerability Exploited for Phishing Attacks Alleged Chinese State Hacker Extradited to US Dozens of Open VSX Extension Clones Linked to GlassWorm Malware Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety Trending Webinar: A Step-By-Step Approach To AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move Neill Feather has been named Chief Executive Officer at Point Wild. Oasis Security has appointed Michael DeCesare as President. Sterling Wilson has joined IGEL as Global Field CTO, Business Continuity and Disaster Recovery. More People On The Move Expert Insights Why Cybersecurity Must Rethink Defense In The Age Of Autonomous Agents From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. (Torsten George) Government Can’t Win The Cyber War Without The Private Sector Securing national resilience now depends on faster, deeper partnerships with the private sector. (Steve Durbin) The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Flipboard Reddit Whatsapp Email