I recently joined my colleague @s_crawford on the latest episode of Eric Hanselman's Next In Tech podcast to discuss the security implications of Anthropic’s Mythos announcement: https://www.youtube.com/watch?v=fl2r3cUVlDs

danielkennedy74@infosec.exchange

I recently joined my colleague @s_crawford on the latest episode of Eric Hanselman's Next In Tech podcast to discuss the security implications of Anthropic’s Mythos announcement: https://www.youtube.com/watch?v=fl2r3cUVlDs

A lot of the public conversation around AI and cybersecurity quickly drifts into nonsensical 'AI ends security' territory, and unfortunately that obscures a more nuanced reality around the role of current and future frontier AI models in finding vulnerabilities and the practical implications for enterprise security folks around remediation.

The models are clearly improving at vulnerability discovery, exploit development, and attack chaining, and that matters. But the larger issue is what this does to remediation timelines, operational scale, and software supply chain risk. We also discuss:

• Why benchmark demos and real-world operational capability are not the same thing.

• How faster patching creates new incentives for attackers to target update and package ecosystems.

• Why generic security advice increasingly feels disconnected from the actual problem space.

• Where AI-driven detection, response, and deception technologies may realistically evolve from here.

A great discussion as always, especially around separating legitimate technical progress from theatrical AI hype.