Project Glasswing: The 10 Consequences Nobody’s Writing About Yet
To address the elephant in the room, this blog treats Anthropic’s recent Claude Mythos Preview and Project Glasswing announcements as valid, legitimate, and concerning. While many folks are dismissing much of what Anthropic announced as marketing hype, Anthropic did back up its assertions with evidence, as did its partners.
If this is marketing, Anthropic’s done a masterful job of it. But we’ll leave that analysis to our colleagues in B2B marketing.
The response to the announcements included some of the same old advice that’s been dispensed year after year:
Benchmarks. Vulnerability counts. SBOMs. Partner logos. Patch faster. Automate more.
These are all accurate and more important than ever. We agree, and we said so. But the capabilities of Anthropic’s latest model also signify a shift that goes beyond the near-term adjustments that teams need to undertake.
Automated testing tools scanned a 16-year-old line of code 5 million times and failed to catch something Mythos identified and exploited. The problems introduced by Mythos can’t be solved the old way. If they could, then 12 companies — many competitors of one another — wouldn’t have banded together to try to mitigate some of the potential damage it would cause if unleashed on the world.
Anthropic has stated that it doesn’t intend to make Mythos Preview generally available, but it will release Mythos-capable models in the future. And its competitors — domestic and international — may not be so willing to pump the brakes on releasing a model that costs billions of dollars to develop and train.
The second- and third-order effects of Mythos are interesting and, so far, undiscussed. Across domains as disparate as security tooling, vulnerability management, insurance, and regulation, Project Glasswing and Mythos will bring changes. Most of these won’t show up in headlines because they will surface as price corrections, missing data, and uncomfortable questions, over months and years.
This post lays out some of those consequences, grouped by when they’ll hit: immediately, over the next 6–18 months, and over the next 2–5 years. These follow directly from what Glasswing and Mythos demonstrated.
First-Order Effects: What Changes Now
These are the direct consequences of Mythos existing, not adoption curves or hypothetical futures.
1. Open-source maintainers become the bottleneck
Glasswing surfaced vulnerabilities that were 16 and 27 years old in projects maintained by small volunteer teams. Anthropic’s $4 million donation to open-source security groups gets the instinct right. Mythos turns discovery into an exponential problem. Remediation capacity in open source does not scale with it. It remains human, finite, underpaid, and largely voluntary.
After Mythos, vulnerability management stops being about finding bugs. It becomes about identifying, funding, and retaining the people qualified to fix them safely. Without that shift, many critical open-source projects risk replaying the COBOL problem: indispensable code with no sustainable maintenance model.
2. Discovery no longer sets the price for penetration testing
Traditional penetration tests for applications, web applications, and infrastructure routinely run between $20K and $120K, with pricing anchored to the perceived scarcity of discovery expertise. Mythos Preview surfaced thousands of comparable vulnerabilities autonomously in weeks, without billable hours. Finding bugs is no longer the differentiator; interpretation, prioritization, remediation guidance, and legal defensibility are.
Firms that continue pricing pentests as if vulnerability discovery is the value will see revenue erosion before they replace it with something defensible. The value shifts to understanding the code base, the systems that run it, and how to deploy remediations that actually reduce risk.
3. Anthropic is now the most important partner for every security company
Mythos elevates Anthropic to a core dependency for many cybersecurity vendors beyond the initial Project Glasswing group — until the next capable frontier model comes out, at least. The inclusion of Anthropic and its tools will shape how future capabilities are delivered, governed, and trusted. Vendors that formalize partnerships with Anthropic, with explicit expectations around reliability, governance, escalation, insurability, and regulatory alignment, will gain leverage over deployment models and customer outcomes. This will translate into clearer accountability, stronger differentiation, and fewer downstream surprises. Vendors that leave the relationship implicit accept dependency without influence, increasing exposure when governance gaps surface under customer or regulatory pressure.
Second-Order Effects: 6–18 Months Out
These emerge as the market reacts to the first-order shift. Expect repricing, consolidation, and some quiet failures.
4. Remediation services become the prize category
Discovery is now cheap. Remediation is where the value lives. Finding things is easy; fixing them is hard. The first services firm to build a Mythos-native practice that interprets AI-generated findings, prioritizes them against business context, and coordinates large-scale patching captures the margin penetration testing just lost. This is not an extension of existing pentesting practices; it’s a new operating model built around scale, sequencing, and change control across real production environments. That services category does not exist yet. The window to define it, price it, and lock in buyer expectations before it commoditizes is roughly 18 months. Anthropic’s launch of Managed Agents foreshadows this. Expect something akin to MDR — with an emphasis on the “response” part of MDR — to come to other security domains.
5. The CVE system starts visibly failing
Mythos Preview found thousands of zero-days in weeks inside a single environment. Scale that across consortium members and broader availability, and CVE volume will overwhelm triage infrastructure completely. The failure won’t look dramatic. It will show up as months-long enrichment backlogs while vulnerability tools continue prioritizing risk on increasingly incomplete data. As this compounds, the marginal value of finding the next vulnerability collapses. Each additional zero-day does not improve risk posture if it cannot be validated, contextualized, and acted on inside the window where exploitation matters.
6. Nation-state cyber strategy shifts from hoarding to racing
Nation-states have spent decades compiling their own stores of zero-days to burn when it matters most. Those stockpiles, and the decades of resources and work used to collect them, are about to be useless. Stockpiling zero-days depends on finding things that are difficult for others to find, and with Mythos, that advantage is now over. Mythos forces their hands. Expect nation-states that have stockpiled zero-days to use them to exfiltrate data and/or establish footholds in target environments for use at a later date.
7. Cyber insurance will reprice quickly
Cyber insurance premiums entered 2026 at flat to declining rates, driven by refined underwriting, excess capacity, and competitive pressure. Mythos breaks the discovery assumptions embedded in insurer loss models. In the short term, insurers will likely verify security posture via Mythos partners rather than owning the tool themselves, which comes later through carrier, broker, and insurtech M&A.
Expect exclusions that explicitly target AI-discovered vulnerabilities that are not remediated within defined timeframes, triggered by the first high-profile post-Mythos loss. Insurers have not stress-tested portfolios against Mythos-driven vulnerability discovery. When they do incorporate Mythos verification into insureds’ control profiles, repricing will be abrupt, not gradual.
8. Regulators lock Glasswing in as the reference case
The EU AI Act, NIST AI RMF, and SEC cyber rules were written before autonomous zero-day discovery at this scale existed publicly. Mythos effectively resets standards for “reasonable care” and gives regulators a new anchor for “high capability” AI. For CISOs, this creates a compliance gap as traditional patching becomes increasingly insufficient. Additionally, Mythos Preview almost certainly qualifies as “high risk” under the EU AI Act due to its potential use cases in critical infrastructure and its role as a safety component.
CISOs operating in the EU will need to bridge the gap between traditional and AI-speed vulnerability discovery before compliance teams ask questions they’re not prepared to answer. CISOs in the US should expect an acceleration of AI regulation as a result and update their cyber disclosures to treat autonomous zero-day discovery as a foreseeable threat.
Third-Order Effects: Structural Changes In 2–5 Years
These reshape markets and careers. You won’t see them yet, but they’re already baked in.
9. AI-assisted security governance becomes its own compliance field
Regulators and insurers will require documented human oversight (“human in the loop” audit trails) between AI discovery and action. The artifact is a chain of records: AI finding, human review and validation, authorization, execution. This creates a new audit and assessment market around AI-assisted security governance that extends beyond most organizations’ governance programs. Vendors in the GRC and AI governance categories are providing limited capability, but true AI-assisted security governance requires integrated tooling across security tech stacks that largely doesn’t exist today.
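As an added illustration (not code from Forrester, Anthropic, or any Glasswing partner), here is a minimal Python audit trail that enforces the four-step artifact described above: each step for a finding must follow the previous one, only the first step may be attributed to the model, the approver must differ from the reviewer (a separation-of-duties assumption of this example, not a requirement the post states), and records are hash-chained so later edits are detectable. The stage names, field layout, and sample actors are constructed for the example.

```python
import hashlib
import json
from datetime import datetime, timezone

# Required order of records for one finding (assumed stage names).
STAGES = ["ai_finding", "human_review", "authorization", "execution"]
GENESIS = "0" * 64  # prev_hash of the first record


def _digest(record):
    # Hash over every field except the hash itself, in canonical key order.
    body = {k: v for k, v in record.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class AuditTrail:
    """Append-only, hash-chained log of finding -> review -> authorization -> execution."""

    def __init__(self):
        self.records = []

    def _for(self, finding_id):
        return [r for r in self.records if r["finding_id"] == finding_id]

    def append(self, finding_id, stage, actor, details):
        done = self._for(finding_id)
        expected = STAGES[len(done)] if len(done) < len(STAGES) else None
        if stage != expected:
            raise ValueError(f"{finding_id}: expected stage {expected!r}, got {stage!r}")
        # Only the initial finding may be attributed to the model; every later
        # step needs an accountable human or change-management system.
        if stage != "ai_finding" and actor.startswith("model:"):
            raise ValueError(f"{finding_id}: stage {stage!r} cannot be performed by the model")
        # Separation of duties (example assumption): approver is not the reviewer.
        if stage == "authorization" and actor == done[1]["actor"]:
            raise ValueError(f"{finding_id}: reviewer {actor!r} cannot also authorize")
        record = {
            "finding_id": finding_id, "stage": stage, "actor": actor,
            "details": details, "ts": datetime.now(timezone.utc).isoformat(),
            "prev_hash": self.records[-1]["hash"] if self.records else GENESIS,
        }
        record["hash"] = _digest(record)
        self.records.append(record)
        return record["hash"]

    def verify(self):
        # Recompute every hash and check each record links to its predecessor.
        prev = GENESIS
        for r in self.records:
            if r["prev_hash"] != prev or _digest(r) != r["hash"]:
                return False
            prev = r["hash"]
        return True
```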
The vendors that build documentation, workflow, and oversight tooling before mandates formalize it will own the category, and those mandates are more likely to arrive first through insurance underwriting requirements.
10. Security careers pivot away from discovery
Unearthing vulnerabilities and reverse-engineering malware stop being in-demand skills as AI autonomously surfaces thousands of credible, high-severity exposures across every major system. The new critical skills are judgment-based and include validating AI findings, red-teaming AI-generated patches before they’re rolled out, and making accountable decisions about when to act under severe time pressure. Universities, certification issuers, and many cybersecurity skills and training platforms are still building finders, not deciders.
Organizations that retrain fastest and retrain for this new profile — one that is focused on domain expertise applied as structured reasoning under pressure — will staff the next generation of security operations correctly.
What CISOs And Vendors Should Do Now
For CISOs, the immediate work still matters, more than it did before: patch cadence, legacy code review, vendor benchmarking.
The harder work starts next: 1) Reread cyber insurance exclusions through an AI-accelerated disclosure lens; 2) identify which tools depend on National Vulnerability Database enrichment and build alternative data paths; 3) stress-test detection against attackers capable of overnight exploit development; and 4) upskill your practitioners and teams on AI output validation and judgment calls under pressure.
For vendors, the question is simple. Does your value proposition survive when frontier model access becomes ordinary? If your value is derived from finding and not fixing, your business model has an expiration date.
Connect With Us
Forrester clients with questions related to this can connect with us through an inquiry or guidance session.