Anthropic just dropped Claude Mythos, and it found thousands of zero-day vulnerabilities across every major OS and browser. But finding bugs was never the hard part; remediation is.
In this video, I break down what Mythos means for AppSec and cybersecurity, why enterprises are already drowning in vulnerability backlogs, and why the industry needs to embrace AI-powered auto-remediation to close the gap. I also discuss why shift-left and secure-by-design have historically failed, and how AI integration into the SDLC can finally deliver on those promises.
Topics covered:
Claude Mythos and Project Glasswing ($100M coalition with AWS, Apple, Microsoft, Google, and more)
AI vulnerability discovery: AISLE, XBOW, Nicholas Carlini’s Frontier Red Team findings
The Vulnpocalypse: 48,000+ CVEs in 2025 and the remediation crisis
Vulnerability prioritization: CISA KEV, EPSS, reachability analysis, runtime reachability, business context
Why shift-left created friction instead of security
AI Code Security and auto-remediation as the path forward
James Berthoty’s emerging AI Code Security category