**The Slow Response Speed of Humans as a Bottleneck in Cybersecurity**
Anthropic’s high-performance AI model, “Mythos,” which has sent shockwaves through the global cybersecurity industry, has identified over 10,000 high-risk and critical security vulnerabilities in key software worldwide in just one month. While AI has become faster and more accurate at detecting insecure points, human response speed has comparatively slowed, becoming a bottleneck in cybersecurity.
On the 22nd (local time), Anthropic announced the initial results of its AI security project “Glasswing.” Utilizing a preview of Mythos, Anthropic partnered to identify over 10,000 vulnerabilities. For example, the internet infrastructure service company Cloudflare found 2,000 bugs in its core systems, of which 400 were high-risk or critical. While inspecting Mozilla’s internet browser, Firefox, they identified and fixed 271 security vulnerabilities in the new version, a scale more than ten times larger than what was found with previous models. The speed of bug detection for some partners also increased by more than ten times.
External agencies have also highly evaluated Mythos. The British AI Safety Institute conducted a virtual test of AI hacking capabilities on Mythos, which completed an attack process for the first time. The security platform XBOW stated, “Mythos significantly outperformed existing models in web vulnerability attack performance evaluation and demonstrated unprecedented accuracy.”
Anthropic analyzed these results, declaring that “the bottleneck in cybersecurity has changed.” Previously, how quickly new vulnerabilities were found was crucial, but now, with AI detecting vulnerabilities quickly and accurately, the slower speed at which humans verify and fix these issues is the bottleneck. Anthropic advised, “The time gap between discovering vulnerabilities and distributing fixes will give attackers better opportunities, which constitutes a new risk in cybersecurity.” They recommended that developers and companies reduce the patch cycle and make security updates easier and faster to deploy.