Mythos and the Reality of AI‑Accelerated Vulnerabilities

May 11, 2026

There has been a lot of chatter and commentary on Mythos since Anthropic announced the Mythos Preview on April 7 and subsequently withheld it from the general public. Instead, they released it only to select organizations under the name Project Glasswing.

While the initial reporting stated that Mythos was able to find thousands of vulnerabilities (some dating back over a decade), more recent analysis has pulled back on the initial hype, saying that while the findings were real, they were somewhat overblown. Some were found by leveraging already available models, and many of the vulnerabilities were not significant enough for Common Vulnerabilities and Exposures (CVE) entries. Additionally, the claim that the model jumped its guardrails was not fully accurate, since it was instructed to escape its sandbox and notified the researcher as requested.

What Is Real When It Comes to Mythos?

The conversations around Mythos have highlighted that the time between vulnerability and exploitation has been shrinking and will continue to do so. Not only are we in an “assume breach” world, but we’re adding “assume zero-day.” With increasing AI adoption and use, this narrowing window continues to call on organizations to focus on the basics.

Understand what your organization’s risk tolerance is. In an “assume breach” culture, cybersecurity teams should understand what the business cares about and what the critical assets are. Is it intellectual property, personally identifiable information (PII) or operational uptime? Understand that, and how to protect it proactively and reactively.

Minimize the blast radius. If the bad guys get in, make it difficult for them to spread through the environment with segmentation, identity governance, data governance, visibility and monitoring.

 

Build resilience. If and when your operations are impacted, make sure your infrastructure and data are built with resilience through backups, solid response plans and communications. If feasible for your organization, evaluate the use of microservices and containers to reduce your vulnerability remediation period.

What’s Next?

Looking forward, what will we see change and where do we need to change?

 

One of Optiv’s field CISOs, Bindi Dave, has shared her perspective on why Mythos and AI have collapsed the window for cyber defense. Organizations will need to become more comfortable with a higher risk level by adopting more automation around vulnerability operations. What’s important to know?

  • Project Glasswing participants will hopefully leverage their access to improve their development pipelines and reduce the number of vulnerabilities they are releasing. There has been talk that if this happens, vulnerability management and scanning will be less of a priority, but this is unlikely to happen for all operating systems and software used by organizations. However, it may alleviate the burden for the highest-priority systems, such as your primary OS versions and business software.
  • Security organizations participating in Project Glasswing may start integrating the capabilities of Mythos into how they perform risk scoring and how they identify indicators of compromise (IOCs) and indicators of attack (IOAs).
  • I have noticed that vendors who focus on code scanning or vulnerability scanning aren’t participating in Project Glasswing. These vendors are already beginning to use backend LLMs to boost their abilities, and this trend is likely to continue. This might be intentional, especially since Anthropic has released its own Claude Security code scanning product.
  • Cybersecurity teams must increasingly act as true business partners. By establishing governance programs that balance control frameworks with operational efficiency, and actively engaging both business and technical stakeholders, they can help integrate security smoothly throughout an organization.

 

Don’t get pulled into the vendor hype about protecting you from the threat of Mythos. Although the Mythos hype doesn’t present groundbreaking developments beyond initial expectations, it underscores the ongoing importance of establishing robust governance and controls. Ultimately, Mythos is an event that cybersecurity teams can leverage to open or continue conversations with their leadership and stakeholders about building partnerships and allocating budgets.

 

Aiko Montgomery
Principal Security Advisor, AI COE
Aiko Montgomery is a principal security advisor with Optiv's AI center of excellence (COE). She has over 25 years of experience in cybersecurity focused on helping organizations balance business and security requirements. She focuses on providing practical guidance that comes from her experiences leading incident response teams, security operations and building security programs at large Fortune 500 companies.
