The Continuous Patching Lie: Why "Mythos-Ready" Requires More Than a Faster Treadmill


In this blog we tend to talk about Securing Generative AI more than the other three categories we previously defined for what security in generative AI means, but there is no escaping the Claude Mythos conversation going on right now. Claude Mythos is Anthropic’s latest frontier model, a system so proficient at autonomous vulnerability research and exploit chaining that its creators have restricted its public release, citing "destructive cybersecurity potential." In internal testing, Mythos independently discovered thousands of zero-day vulnerabilities across every major operating system, including a 27-year-old flaw in OpenBSD that had survived nearly three decades of expert scrutiny (though how significant that particular find is remains openly debated).

While others are spilling copious amounts of ink on the "superhacker" risks, the global AI weaponization impact, and the implications for red-teaming and autonomous security testing, a few have also tried to address the more practical consequences. The Cloud Security Alliance (CSA), for example, published an interesting and well-received white paper called The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program. The document is a rapid-response framework that provides a risk register and diagnostic tools to triage the impending wave of AI-generated exploits. But buried in the CSA guidance, and in a lot of the other guidance on responding to the realities Claude Mythos creates, are some bad assumptions that will do more harm than good.

Today, we're going to talk about the worst one: the idea that we just need to patch better. We’ve spent decades pretending that if we just worked a little harder, automated a little more, and bought one more scanner, we could stay ahead of the vulnerability curve. Those same decades show us that reality just isn't that simple.

Just Patch Better: A “Mythos-Ready” Reality Check

If we jump into the CSA Whitepaper and look at the Priority Actions starting on page 19, we see some interesting actions and recommendations for preparing for a flood of patches and software vulnerabilities. Specifically, in item number 5, the CSA urges organizations to "Prepare for Continuous Patching." And CSA isn't alone here; a Wiz blog post on the same topic said "This means that security teams need to either be ready to patch faster than before, or do the hard work required to make software vulnerabilities a non-issue in their environment through a combination of attack surface reduction and defense in depth." But this is where the recommendations start to lose touch with the reality of security teams. For decades, we have failed to master basic patching cycles. According to the 2025 Verizon Data Breach Investigations Report, only about 54% of perimeter (edge) device vulnerabilities were fully remediated, and it took a median of 32 days to do so. This "patch reality gap," as detailed by Acronis, highlights a fundamental truth: our patching processes aren't good enough, and a model that multiplies the volume of exploitable findings will not fix the process that was already failing.

But why? If we don't look at that problem, we will never find a solution. The idea that we can simply "patch faster" ignores the finite nature of Social Capital. In security, social capital is the credit a security team earns and spends with the rest of the business. Every time security wants to interrupt operations, reboot critical systems, or demand downtime for emergency updates, we are forced to spend that Social Capital. Ask too frequently, or appear to cry wolf too often, and security teams start facing significant pushback. Now, if your organization has considerable IT spend and has fully redundant systems with blue/green deployments, stable development pipelines, and robust, resilient connectivity and edge protections, the idea of continuous patching might be tenable. But for the 99% of organizations that don't have all of those capabilities (or luxuries), continuous patching also means continuous downtime, code freezes, and availability outages. All of which burns this capital at an unsustainable rate.

Imagine having to patch your critical ERP system, or a high-traffic PII data store with exposed APIs, every few days. Or, for the harder cases, trying to "continuously patch" a 24/7 safety system or an industrial OT environment where a single botched update could lead to physical damage or environmental catastrophe. IoT devices, often deployed in the thousands and lacking remote management capabilities, are effectively "unpatchable" in the Mythos era.

The idea of continuous patching, while great in theory, is likely not a reality, not because of technical limitations but because of the businesses we operate inside of.

Solving for Failure: The Holistic Shift

The solution isn't a faster treadmill; it’s a different race. We must move toward a security approach that assumes patching will never be complete. This isn’t an admission of defeat; it's accepting a truth so we can address its implications and find a better way.

Let's break down the recommendations from the CSA whitepaper, and others, into two categories: systemic and reactive. Systemic actions require changing our approach or replacing technologies and architectures that have been in place forever. Good examples from the CSA include "Establish Innovation, Acceleration Governance", "Inventory and Reduce Attack Surface", and "Build an Automated Response Capability". Beyond CSA's guidance, implementing Zero Trust and Least Privilege Access to reduce blast radius are common suggestions. But we've been advocating for these changes for 20+ years and still don't get them right. Continuous patching falls into this category.

Reactive actions are actions we can take now, without needing to replace a lot of hardware, solve the Configuration Management Database (CMDB) problem for the 20th time, or change how we interact with the business. CSA's guidance to "Point Agents at Your Code and Pipelines" falls into this category, and is a great suggestion. Google has for years argued that AI gives defenders the advantage, and this is an additive capability we can implement now. But to me, the most accessible and high-impact thing we can do now is implement Attack Path Analysis tooling.

Attack Path Analysis is currently our best chance at reducing burnout and focusing technical resources where they matter most. Instead of treating all 10,000 vulnerabilities as equally important, or relying on CVSS scores that know nothing about our environment, Attack Path Analysis lets us see how an attacker would actually traverse the environment: which hosts are reachable from an entry point, and which of those can in turn reach a high-value target. If a vulnerability exists on an isolated segment with no path to a high-value target (like an ERP or a core database), we shouldn't spend our limited Social Capital to patch it immediately. By identifying the "choke points" in an environment (the hosts or identities every path to the crown jewels must pass through), we can apply robust edge protections and identity controls there that break the exploit chain, even if the underlying software remains unpatched. These tools exist today: Wiz Security Graph, Palo Alto's Prisma Cloud Attack Path Policies, Microsoft Security Exposure Management, and JupiterOne all can solve for this. Or, although time consuming, you can do this yourself if you have good documentation and network diagrams (or are good at querying your cloud environment).
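To make the "do it yourself" version concrete, here is an added example (not code from the original post, nor from any of the vendors named above) of the core computation: model the environment as a directed graph where an edge means "an attacker who controls the source can reach the destination", then rank findings by whether their host sits on a path from an entry point to a crown jewel, and find the single hosts (or smallest host sets) whose isolation cuts every such path. The hostnames, edges, finding IDs and CVSS values are constructed for illustration; a real implementation would build the graph from cloud API output, security-group rules and a CMDB.

```python
"""Prioritise vulnerabilities by attack path instead of raw CVSS score.

Constructed example. Edge "a" -> "b" means an attacker who controls host
"a" can reach host "b" (network ACL, trust relationship or shared credential).
"""
from collections import deque
from itertools import combinations

# Constructed inventory; hostnames are placeholders, not real systems.
EDGES = {
    "internet":    ["web-01", "vpn-gw"],
    "web-01":      ["app-01"],
    "vpn-gw":      ["jump-01"],
    "jump-01":     ["app-01"],
    "app-01":      ["erp-db"],        # the only route into the ERP database
    "erp-db":      [],
    "lab-box":     ["lab-printer"],   # isolated lab segment, no path to ERP
    "lab-printer": [],
}

# Constructed findings: host -> (placeholder finding id, CVSS base score).
FINDINGS = {
    "web-01":      ("VULN-A", 7.5),
    "jump-01":     ("VULN-B", 6.1),
    "lab-box":     ("VULN-C", 9.8),   # highest CVSS, but nowhere to go
    "lab-printer": ("VULN-D", 8.2),
}

ENTRY_POINTS = ["internet"]
CROWN_JEWELS = ["erp-db"]


def reachable(start, edges, removed=frozenset()):
    """Breadth-first set of hosts reachable from start, skipping 'removed'."""
    seen = {start}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in seen and nxt not in removed:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def on_attack_path(host, edges, entries, jewels):
    """True if host is reachable from an entry point AND can reach a jewel."""
    from_entry = any(host in reachable(e, edges) for e in entries)
    to_jewel = any(j in reachable(host, edges) for j in jewels)
    return from_entry and to_jewel


def choke_points(edges, entries, jewels, max_size=2):
    """Smallest sets of hosts (up to max_size) whose isolation cuts every
    entry -> jewel path. Returns the cuts of the smallest size found."""
    nodes = set(edges) | {d for ds in edges.values() for d in ds}
    candidates = sorted(nodes - set(entries) - set(jewels))
    for size in range(1, max_size + 1):
        cuts = []
        for combo in combinations(candidates, size):
            cut = frozenset(combo)
            still_exposed = any(j in reachable(e, edges, cut)
                                for e in entries for j in jewels)
            if not still_exposed:
                cuts.append(combo)
        if cuts:
            return cuts
    return []


def prioritise(findings, edges, entries, jewels):
    """Split findings into 'patch now' (host on an attack path) and 'defer',
    each sorted by CVSS descending so the score still breaks ties."""
    now, defer = [], []
    for host, (vid, cvss) in findings.items():
        bucket = now if on_attack_path(host, edges, entries, jewels) else defer
        bucket.append((host, vid, cvss))
    now.sort(key=lambda f: -f[2])
    defer.sort(key=lambda f: -f[2])
    return now, defer


if __name__ == "__main__":
    now, defer = prioritise(FINDINGS, EDGES, ENTRY_POINTS, CROWN_JEWELS)
    print("patch now:", now)
    print("defer:    ", defer)
    print("choke points:", choke_points(EDGES, ENTRY_POINTS, CROWN_JEWELS))
```

On this constructed graph the two highest-CVSS findings (lab-box at 9.8, lab-printer at 8.2) land in the defer bucket because nothing on the internet can reach them, while web-01 and jump-01 are the ones worth spending Social Capital on. The single choke point is app-01: every path to erp-db passes through it, so segmentation or identity controls around app-01 break the chain regardless of which upstream host is still unpatched.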

We have to plan for a realistic IT environment. In the real world, systems stay online because they generate revenue or protect lives. Security does not exist in a vacuum, and as much as we like to talk about reducing risk and saving the company money post-breach, the reality often doesn't play out that way. So we must set our expectations within the greater business ecosystem.

The Bottom Line: Mythos as a Magnifier

Claude Mythos is not the root of our problems. It is simply a magnifying glass held up to the structural weaknesses we have ignored for thirty years. It has stripped away the "security through obscurity" and the (ever shrinking) time to exploit that defenders once relied on. While Mythos represents a step-change in offensive speed, it will also become an indispensable tool for defenders. AI-powered security can help us map attack paths faster than any human team, automate the detection of lateral movement, and provide the architectural "shields" that buy us time.

But as we integrate these tools, we must remember: our goal is not to achieve 100% patch compliance. Our goal is to improve the security posture of the business while continuing to enable business outcomes. By assuming patching will never be "done" and leaning into Attack Path Analysis, we can maximize the impact of our efforts while keeping some of our Social Capital.

If you think I'm crazy, or that this is already a solved issue, let us know - questions@generativesecurity.ai. Otherwise, like many of you, I wait with bated breath to get my hands on Claude Mythos and see for myself just what it can do.

About the author

Michael Wasielewski is the founder and lead of Generative Security. With 20+ years of experience in networking, security, cloud, and enterprise architecture Michael brings a unique perspective to new technologies. Working on generative AI security for the past 3 years, Michael connects the dots between the organizational, the technical, and the business impacts of generative AI security. Michael looks forward to spending more time golfing, swimming in the ocean, and skydiving... someday.

April 16, 2026