In this episode, Ashish and Caleb discuss the internet-breaking preview of Project Mythos, an unreleased AI model from Anthropic that has shown an unprecedented, terrifying ability to reason through code and automatically generate working zero-day exploits.
We dive into the conversations surrounding Project Glasswing, Anthropic's initiative to share this model with select partners (like Palo Alto and CrowdStrike) before public release, allowing them a 100-day window to patch critical vulnerabilities. Caleb explains why this level of AI reasoning isn't just hype: early testers are reporting that Mythos is not only finding zero-days, but actively detecting dormant intrusions within their own networks.
If you are a CISO or security practitioner, this episode talks about it all. We discuss why the traditional 30-day patch cycle is dead, why "assuming breach" is now mandatory, and why 60% of legacy security vendors might not survive this shift.
Questions asked:
00:00 Introduction: The Hype Around Anthropic's Project Mythos
04:00 What is Project Mythos? (Reasoning and Finding Zero-Days)
06:50 Project Glasswing: The 100-Day Partner Patch Window
08:30 The Controversy: Did Anthropic Pick the Right Partners?
12:30 Why Anthropic Doesn't Have the Compute to Scan the Whole Internet
15:10 The Insider View: Mythos is Finding Dormant Intrusions
16:30 Why 60% of Security Vendors Will Go Away
19:30 Hype vs. Reality: GeoHot's Comments on Small Models
21:30 Eliminating False Positives in Static Code Analysis
23:50 The Zero-Day Clock: Time to Exploit Drops to Under 6 Hours
25:50 The Ethics of Zero-Days: Should Mythos Be Released at All?
34:30 The CISO Action Plan: Speeding Up Patching (Hours vs. Days)
44:50 The 3rd Party SaaS Problem: What to Do When You Can't Patch
46:10 "Assume Breach": Why Deception (Honeypots) is the New Priority
57:30 Empowering Non-Tech Teams to Build Detections
01:02:10 AI Makes Cheesy "Hacker Movies" a Reality
Caleb Sima: [00:00:00] Literally you can just be one person doesn't know anything about security, point it at something and say, find exploits and it will go and do it.
Ashish Rajan: Should this model be released at all in the first place?
Caleb Sima: We found active intrusions. It's detecting true attackers that are in our organization right now.
Caleb Sima: Like I don't think the security industry is ready for this thing.
Ashish Rajan: Almost like worrying when someone who's anti AI hype kinda says that.
Caleb Sima: Yeah, I mean this is like real stuff,
Ashish Rajan: nine or 10 times. The job always relied on not clicking on a link, on an email being the number one problem. Everyone knows a hack in their organization that has not been patched forever, and it would never be patched.
Caleb Sima: So banks, they have vaults, but we shouldn't have security cameras or guards. We don't need to watch for bad people. We don't need to detect bad guys. Like this is real stuff, man. This is like a very real thing.
Ashish Rajan: Anthropic has released, or let's just say made preview or something that seems to have shaken up the entire world, including the non cybersecurity people out there as well.
Ashish Rajan: I'm talking about the latest AI model from Anthropic, Claude [00:01:00] Mythos. Now, you may think that this is just another cybersecurity product. The internet is divided on this particular topic. On one side you have people who are very pro on the approach and what the legitimate is this, and hitting the panic button.
Ashish Rajan: And on the other side, people are just trying to talk about this as, Hey, they're just hyping it too much. Caleb and I have tried to bring in a conversation, which is. Hype free as much as possible and also agreeing and disagreeing with some of the things that have been called out on the internet about this Mythos project.
Ashish Rajan: We also spoke about what you can do today practically, especially if you are not someone who is in an organization that is very tech forward or AI forward, some practical things you can do work on today and what you should be working towards once the Mythos model is generally made available across the world.
Ashish Rajan: All that and a lot more in this conversation of AI Security Podcast. If you know someone who's probably thinking about this particular topic or has a strong opinion about this, definitely share this episode with them. And as always, if you have been listening or watching episodes of AI Security Podcast for some time and have been finding them valuable, I really appreciate if you take a quick second, hit the subscribe or follow [00:02:00] button, whichever podcast platform you may be listening or watching this on.
Ashish Rajan: We are on Apple, Spotify, YouTube, LinkedIn, pretty much anywhere you listen to or watch your podcast episodes from. I hope you enjoy this episode and I'll talk to you soon. Peace. Hello. Welcome to another episode of AI Security Podcast. Today we are talking about what's been, let's just say, shaking the cybersecurity internet for context, uh,
Caleb Sima: the world.
Caleb Sima: I would even say it's bigger than cyber in the sense that this is everywhere, like my parents are asking about, you know, like that it's,
Ashish Rajan: oh wow. There you go. Uh, my parents haven't asked.
Caleb Sima: It's in major news outlets, you know, cybersecurity,
Ashish Rajan: definitely news outlets.
Caleb Sima: Yeah.
Ashish Rajan: People who care about the stock market.
Ashish Rajan: People care about technology losing their jobs. Everyone's kind of worried about something called the new model, which is in preview by Anthropic called Mythos or Ma Host, depending on the Greek word culture, appropriate word. Uh, they started a project, basically, the idea was that they believe that a side effect of improving the model has been that it has become really good at identifying cybersecurity vulnerabilities way better than the previous model could.
Ashish Rajan: [00:03:00] And they were terrified, is the probably the simplest way to explain this, that they thought, yeah, they should start an entire partner ecosystem on a project called. Project Glasswing with companies like Palo Alto, CrowdStrike, Microsoft name some of the popular companies in this particular space, at least cybersecurity space to come in and work with them and including the government, the Department of Defense, and ways other government departments that they've been talking to, to try and patch the now this is where the world kind of divided into what Caleb said, and I'm sure he'll, I would love to hear his thoughts on this as well.
Ashish Rajan: I've got just to kind of lay the land, there are extreme opinions on people going on the, which is funny 'cause as an industry we believe that we should not be fearmongering, but we ourselves are creating fearmongering. With this project coming out, we are trying to scare other cybersecurity people. Hey, have you heard of.
Ashish Rajan: Project Mythos, we, we are screwed. Whereas on the other end, there are other people as well who are trying to think about this from a positive angle. But before we dive into that, Caleb, what are your initial thoughts on the [00:04:00] whole, the project, the, uh, model and preview? The, let's just say approach. Is this the right
Caleb Sima: approach?
Caleb Sima: Yeah, yeah. So, I mean, let's go with the fundamentals. So the fundamentals is, let's get to the basics. What is Project Mythos or I think, I dunno what's the right way to say it.
Ashish Rajan: Mythos, I mean, I was gonna say Mayonnaise, but I'm like Mythos. Let's just say Mythos. If any, if, if there's a Greek listener, please correct us on the pronunciation.
Caleb Sima: Yeah, I'll say Mythos. So with Project Mythos, is that the reasoning of this model? This next generation model that Anthropic has not. Publicly released is that its reasoning and understanding of code is extraordinarily step levels above current models right now. And because of that, its capability from a cybersecurity perspective has grown immensely.
Caleb Sima: So it's not specifically the model is great at cybersecurity, it's that it's reasoning and understanding of software and code has become really, really, really great. And because of that, you can [00:05:00] obviously reverse engineer software and understand software very well, which means that you can find. Exploits in vulnerabilities very, very well.
Caleb Sima: So here's the thing is this is not quote unquote new in the sense that if you go look at, we talked about this ish, uh, zero day clock.com, where we've identified where AI and models themselves obviously at scale can reduce the time of exploitation. Finding a vulnerability, it can both help you find vulnerabilities.
Caleb Sima: We've seen the CVE increase and we've also seen where finding and actually creating a working exploit from that vulnerability using AI has decreased that time drastically. You know, you could say that it's now like literally within hours of being, when a vulnerability is produced, you can point AI to it, it will produce a working exploit today.
Caleb Sima: That's with today's models not talking about project Mythos at all. Yeah. However, in Mythos. The things that they, I did identify is its reasoning on identifying complex straight to exploit [00:06:00] capability has improved drastically. So how did this happen? It's, they ran the stuff against things like Linux kernels, all sorts of different areas and identified exploits in this that never were found before, and then submitted patches for this.
Caleb Sima: And because of this reasoning, they have said, Hey, you know what we can do now at scale with this model is look at attack surfaces that were never looked at. Find these vulnerabilities very quickly, create actual exploitations for these vulnerabilities very quickly without writing a single line of code, without knowing anything about security.
Caleb Sima: Like literally, you can just be one person doesn't know anything about security. Point it at something and say, find exploits and it will go and do it. Now there was a preview of this at unprompted, so alright, Anthropic's team went to unprompted and actually did a presentation on the older model doing this exact same process that then they ran Mythos through that.
Caleb Sima: They said, oh, oh my gosh, Mythos became so much better. So then they're gonna [00:07:00] reserve this model so they can give time for big companies to go and patch their problems or run their model against their own code so that they can at least, you know, have some defender time before they go release it to the world.
Caleb Sima: So that is Project Glasswing, right? Yeah. That is that process. Okay. So these are the basics and fundamentals, right? What do we want to go into this First,
Ashish Rajan: I would say, first of all, I think I want to explore the approach for this because a lot of questions are being thrown around the fact that are these even the right companies to involve?
Ashish Rajan: If there was that much fear, and I'll give some context as well. I heard this and actually, yeah, 'cause if this. The reasoning that they gave was, Hey, we wanted to limit the preview to selected people because we believe the downside or the number of vulnerabilities that can come out are humongous or be chaotic and blah, blah, blah.
Ashish Rajan: We give people a hundred days, or this may take years to solve this particular problem. I think the approach or the intent sounds fair, and I'm not disagreeing with the fact that the model [00:08:00] is as powerful as they say it is. What is interesting is that why not reach out to say, critical infrastructure as a partner, people?
Ashish Rajan: Why a cybersecurity company as 'cause technically, if I was worried about a world going down, I, what I care about is, is my power gonna be cut out? Is my, just say internet energy. There are so many other things that are top of the line for, in terms of importance. Before I care about, say a software company having to patch their uh, software And I think that's where I was talking about the approach because now if I wear my cybersecurity hat where we have spoken about responsibly sharing vulnerabilities for like the, uh, responsible disclosure, I think that's the word. Use responsible
Caleb Sima: disclosure.
Caleb Sima: Yeah.
Ashish Rajan: Yeah. So that's been, we've been talking about this for a long time in this field, pre ai. So from that perspective, if they have found vulnerabilities. The thought that I was going with this was when I heard that the first thought that I had was, Hmm, the model is that powerful and they can find vulnerabilities.
Ashish Rajan: Why not just find the vulnerabilities and give a, disclose it to quote unquote about software [00:09:00] to software developers? And why is the approach of this marketing,
Caleb Sima: Listen, I mean, we don't know. Let's set the context. The context is you now have a capability to quote unquote find zero days instantly in almost any piece of software that you pointed at.
Caleb Sima: Okay, the now what do you do in order to responsibly helps defend, companies, nation, world, whatever you may happen to call it, in order to do this properly. You know, I think there's a lot of complexity behind the scenes that we probably are not privy to,
Ashish Rajan: of course.
Caleb Sima: But let's take your direct, thing about, well what about, power grids and our critical infrastructure?
Caleb Sima: I mean, let's be clear, I don't know if they named them specifically, but for sure they are going, doing things there that help in that scenario. But then a, a big question comes up you know, again, I'm just thinking about this at the top of my head, but is going directly to them with this capability, the right way to do that.
Caleb Sima: If I say, okay, let's go to power companies with this capability, is that the right way to do [00:10:00] that? Or is there a better way to, or like, let's just, I'm just gonna make this up. It's probably not true. Yeah. But if I say. Hey Palo, most of the power companies run Palo Alto, right?
Ashish Rajan: Yeah.
Caleb Sima: And we also know that if you're gonna hit one thing, you wanna hit one thing consistently at scale.
Ashish Rajan: Mm.
Caleb Sima: Right? So if you go to Power Company A versus power Company B and State X versus state Y, they're all independent, all with various different types of software. All very, very specific. So if you expose this capability to all of them, yeah, the leakage of that capability or the use of that capability or whatever it is, could be problematic.
Caleb Sima: However, attackers also. Won't necessarily hit X versus Y If they had this capability, they're just gonna say, well, who should I hit first? Probably Cisco or Palo Alto or Amazon or Microsoft or Apple, like they're gonna hit, what is the areas I can focus on that I get the broadest impact in the largest amount of impact in the quickest amount of time.
Caleb Sima: That's where they would take this tech first. [00:11:00] So, sure. Like I think like when you think about who do you pick, one thing that is gonna be very clear, everyone is gonna be upset because they're not included or not decided because they don't, they didn't make the decision, Anthropic made this decision. Yeah.
Caleb Sima: So of course they're gonna be upset, but they are thinking through it with probably a lot more context, a lot more thought process, and probably lots of opinions from our government as well on this, uh, in order to pick the partners, at least in quote unquote phase one that we see today.
Ashish Rajan: Yeah. And I, I'm not disagreeing on the approach. I think what I'm, where I'm coming from is the, obviously, I don't know the nitty gritty details of how they made the decision for going with Palo Alto, CrowdStrike and any other company like, 'cause mean, obviously we've left out an entire open source ecosystem considering the 87 or I don't know, there's a certain percentage of code that is still written or still.
Caleb Sima: And you can't cover the world, right?
Ashish Rajan: You can't a hundred percent. You can't cover the world. And I think the point here is I wonder if they didn't have enough compute as well to [00:12:00] cover the world. Maybe that there is that point.
Caleb Sima: They clearly don't. As of right now, I think Anthropic just went down.
Ashish Rajan: So there you go.
Caleb Sima: My agents are burping over here in this window. Oh,
Ashish Rajan: they, so to, to, to your point, obviously I don't know the specific details of why they made the call, but I thought it was interesting as a security person, obviously everyone as a CSO. I'm gonna come to that as a security person. Everyone's tossing the idea for what's the right way to do a disclosure and, uh, disclosure technically just means you have found something.
Ashish Rajan: In this case, they're not, they're not saying they have found things, but they want to work with partners who can help them find more things. So that, yeah. This is disclosure.
Caleb Sima: Yeah. I, I think we should be very clear. Yeah. This is not disclosure.
Ashish Rajan: Yeah. But this is more like. Hey, if I, to your point, if I was to boil the ocean with the ai, A, I don't have enough compute to run it across the entire World Code base.
Ashish Rajan: Even today, even if I wanted to, maybe, I don't know, may have some secret, uh, server somewhere. But the point being, I guess was the, choosing the partners is an [00:13:00] interesting one, but from a marketing approach perspective, and I think the segue to from that is that, okay, let's just say these are people, the Palo Altos, the CrowdStrike, Okta, they all, whoever was part of that ecosystem, are doing the responsible thing.
Ashish Rajan: What I find interesting would be the next step after that they have handed over to partners. How do they trickle that onto people like the CISOs or the customers that these people have.
Caleb Sima: I've talked to a few who have it.
Ashish Rajan: Oh, perfect. Because I'll love to know as to.
Ashish Rajan: Is it more on the context of, Hey, we've found a vulnerability and here's a patch, or is it more in the context of hey, uh, we are part of this project and you, it looks like some of your systems are gonna be impacted. Like what's the level of information?
Caleb Sima: No, it's, it's, it's, Hey, we think you hey, you are a really critical piece of software that's being used or service that's being used.
Caleb Sima: We're giving you access to Mythos to use, and please, here is our process for what we are doing. Here is what we found. Use it to determine if you can find things to [00:14:00] patch in your systems and software.
Ashish Rajan: That would be interesting. Actually. Let's just take that step further, man, because if
Caleb Sima: we were, but yeah, let me give you a quote.
Caleb Sima: Hold on. Let me give you a quote from one of the people that I like. First of all, the person who I know who has access to it, I wanna also clarify is super legit. Very, very sharp. Smart, cutting edge of AI. Yeah. Right. Knows the things, frontwards and backwards and is very, by the way, anti
Ashish Rajan: hype. So like,
Caleb Sima: yeah, this is the kind of person you like.
Caleb Sima: Let me see. We're having a whole discussion about the patching problem, his sense of what's going on here. I want to tell you what his quote basically yeah. I don't, I can't find the quote, but he says, Hey, I'm running it right now. Not only are we finding insane things, but he's also using it. He went to identify TTPs in his org.
Caleb Sima: Yeah. On his endpoints. And he is like, it's [00:15:00] flagging stuff that have been dormant, that is active and uh, things he never caught, like we found active intrusions through running me. So he is like, it's not just good at finding vulns. He's like, it's detecting true attackers that are in our organization right now.
Caleb Sima: And like there's a quote that. Gosh, I gotta find the thing. But he's basically, he's saying, man, like I don't think the security industry is ready for this thing.
Ashish Rajan: Wow.
Caleb Sima: Like he's
Ashish Rajan: almost like worrying when someone who's anti AI hype kind of.
Caleb Sima: Yeah, dude. Like this is real stuff, man. Yeah. I mean this is like real stuff.
Caleb Sima: He is, he's basically like, you know, this stuff is finding things that no one's finding, just, you know, not just exploits. Yeah. But the way its capability in understanding the attacker and what it's able to put together is really good. And so he is like, yeah. He's like, I don't think, and you know, and our discussion here is like, you know, how many security vendors is this going to eliminate?
Caleb Sima: And he goes, he goes, first [00:16:00] of all, we need this because we need a cleanup of our security vendor ecosystem. So he's like, you know, 60 plus percent of these guys going away,
Ashish Rajan: going away. I imagine like
Caleb Sima: security vendors, security vendors. Any security vendor. We're talking about the whole, we're talking about the whole market.
Caleb Sima: We're talking about solutions that vendors are bringing. He's like, easily 60% of these, these guys are gone.
Ashish Rajan: Interesting.
Caleb Sima: So like, this is, this is like a very real thing.
Ashish Rajan: Uh, maybe I'll just put this another way, right? Because people who may listen or watch this would go, okay, so if tomorrow it goes away from preview mode and I have access to this.
Ashish Rajan: I would love to hear what we can do today, but also just let, let just walk down that path for if someone out there gets access to the, let's let just say the, the GA version of Mythos, they would have to be at a certain level of AI consumption or AI skillset in the organization for, to your point, this [00:17:00] individual is pretty AI forward, right? And I don't know how many people I can say hand on my heart, are pretty AI forward in the way they use it in their organization for security and other things apart from using for productivity. So if someone didn't
Caleb Sima: get access, well, I mean in Tech Forward companies with Tech Forward people using AI Tech Forward.
Caleb Sima: Yes. Remember this is a very, very small amount
Ashish Rajan: Yeah.
Caleb Sima: Of, yeah. Capability versus the rest of the, the world.
Ashish Rajan: Yeah. Like to give you an, that's kind of where I'm coming from is that maybe that's, those are the people who are probably worried even more because they already feel that, and there could be multiple reasons.
Ashish Rajan: I don't wanna make an assumption here. There could be multiple reasons that AI has probably given, been given to engineering first. And security would get later on, Hey, you get the Anthropic subscription that you want to enterprise license. Go figure whatever you want to do with this as well. So building the capability may not even be a thing today 'cause we don't even have enough training available for people to even understand what they can do.
Ashish Rajan: So what should be the steps people should take today to even monitor this? [00:18:00] Considering the fact that if we are A, we need to find the gaps in the first place. B, once you find the gaps, you have to patch them. Patching requires its own discussion in itself, but let's talk about finding the patching in the first place.
Ashish Rajan: What kind of capability or like in that a hundred day window that Anthropic has given us, what kind of capability or thinking people should develop in their security teams to even able to utilize this? Because maybe they have an opportunity to replace 60% of their entire security product in their organization just by having right meters.
Ashish Rajan: Yeah.
Caleb Sima: Okay. So there's, there's probably like a bunch of different things that probably come into play here. Right. Okay. So this capability exists. Quote unquote. Yeah. Um, the first thing I think people are arguing about is whether this capability is as dangerous or as real as everyone says. And there's two differing opinions on this.
Caleb Sima: There's the extreme of what Anthropic is saying, which is, oh my gosh, project Glasswing. This is [00:19:00] like a nuclear weapon. We need to get our defenses up and have the right partners. And then there's the group that is, they are just hype. All of this is hype.
Ashish Rajan: Yeah.
Caleb Sima: Like finding vulnerabilities is finding like, actually I think GeoHot was famous in saying, why is it this is, they need to shut up about this.
Caleb Sima: You can always find vulnerabilities just a matter of where most people aren't looking. And by the way, there's startups who are using small models that exist today that are finding these same vulnerabilities that Anthropic pointed out. So I think we need to, we talked about sort of Anthropic's view on the hype and the fear, right, of the reality, which I have talked to people who are legit in the business, who I think very clearly, and even myself when I read and understand what's going on.
Caleb Sima: I am a, I'm more towards the hype is the fear. Oh,
Ashish Rajan: yeah. I mean, I think hype, I'm, I'm on the same, I'm, I'm on the same side as you are. Like, I don't think this is being made up right now. It's,
Caleb Sima: but the hype, but the answer's in the middle, right? Yeah. Somewhere in the middle.
Ashish Rajan: Yeah.
Yeah.
Ashish Rajan: And I, I guess to your point, maybe before we go into what you do today, [00:20:00] we should talk about what people are saying that, and to your point, do you wanna answer that thing as well,
Caleb Sima: like GeoHot's?
Caleb Sima: Like, let, let's go to this other angle of, for example, GeoHot says, well, it's just a mat. You can find vulnerabilities anywhere. It's just no one's looking. Yeah, which is absolutely correct. I actually think even in these reports of smaller models, finding the exact same vulnerabilities that Mythos apparently found is probably correct.
Caleb Sima: It's just the, the thing that is different is that you can do this at scale, right? Like what they're saying is if you know where to look, you can find the vulnerabilities with today's models. That is true. But the problem with today's models that Anthropic is saying is different is you could run Opus 4.6 on the Linux kernel.
Caleb Sima: For sure. You will flag three 35,000 vulnerabilities out of it, and one of those vulnerabilities will probably be the one that Mythos found. Yeah. The difference is Mythos validated, exploited, and removed the false positives from the [00:21:00] massive set of vulnerabilities that you can find inside of the Linux kernel.
Caleb Sima: So you can now point it at the Linux kernel, go through all of these, which today you'll get 30,000. It's the static code analysis problem. It's the false positive issue. And then now with Mythos, they're saying it's narrowed that. To true exploitability to where now you could point it and have a way smaller haystack of true exploitable issues.
Caleb Sima: So GeoHot is correct. These small models are now, they, now that Anthropic has called this specific function in this Linux kernel, they're all taking the smaller models and they're pointing it at that specific piece of source code and they're finding it and they're saying, oh look, Opus 4.6 finds it.
Caleb Sima: Oh look, this open weight model finds it too. This is all hype. Yeah, of course it is. 'cause they told you exactly where to look and exactly what the vulnerability is. So you could just point it and say, Hey, by the way, look in this one specific file for this type of issue and it will find it. But the problem is take that same small model point at all of Linux kernel and then you go through [00:22:00] the results and figure out what's real, what's right.
Ashish Rajan: Yeah. And to to your point, the, would it be fair to assume that if you are a sophisticated hacker today with Opus 4.6. Who knows what they're doing and is probably, to your point, AI forward. They could probably use Opus 4.6 to find the same thing as well to, and this is kind of what you're saying as well.
Ashish Rajan: They may have like six other things they find as well. If they just let the, what's it called, it takes a
Caleb Sima: lot longer.
Ashish Rajan: Oh yeah, it will take a lot longer, but it is possible today for a 4.6, sorry, Opus 4.6 model and a combination of a sophisticated hacker who have plenty of time to just, I don't know, spit out zero day all day if, if he or she wants to.
Ashish Rajan: I definitely think there is some validation in the point that if we haven't found zero days that quickly or that the, maybe that, that that widespread, I guess that's the word I'm looking for. If it hasn't been zero day exploitation, that's widespread after 4.6 Kmart. 'cause I don't imagine nation states don't [00:23:00] have the budget problem.
Ashish Rajan: They don't have the time problem. They have a goal in mind. They're gonna go ahead and do it. But why is it that we have not. Done that with 4.6 when we had the capability. Even if we had all the time of the work, we,
Caleb Sima: well, we, we have like going back to our original look at the zero day clock, right? The zero day clock.
Caleb Sima: Oh yeah. We have seen more vulnerabilities, found more exploitations run in a way faster timeframe. That is 4.6 or whatever other models that exist. Ah,
Ashish Rajan: actually yeah, you're right, because we did say that CVEs, but did, did it say that the AI is finding? I thought it says CVEs being
Caleb Sima: Yeah, yeah. CVE is actually between uh, the two years ago, like I actually did a stat on this.
Caleb Sima: I put 2023 as one year after ChatGPT really became out there. Yeah. And in those two years. CVEs increased by 63% in Right. Actual even there's 63% more CVEs than any other. Like it's just exploded. And then the time to exploit from [00:24:00] CVE to detection of exploit in while it went down to less than six hours.
Ashish Rajan: Yeah.
Caleb Sima: Right. So, and that came from previous, it was at 172 days or something like that. So like clearly existing AI models are finding exploits, proving, creating these exploits and using these exploits like this. This is not new, right? Like, yeah.
Ashish Rajan: Yeah. And
Caleb Sima: yeah, this happens.
Ashish Rajan: But to double click on that further, the Opus 4.6 sophisticated hacker can find this information today.
Ashish Rajan: There's more CVEs coming out. But has the importance of CVEs reduced then because No, or maybe not the rest, not the right way to put this saying. Has the volume of CVEs become so overwhelming that people have given up on the idea so that they had to go down the piles of hyping it so much for people to even care, give attention to this one.
Ashish Rajan: Like
Caleb Sima: there, there is an interesting point of do CVEs anymore provide the value that it used to provide. Which is, this is a whole theoretical argument, [00:25:00] but if we're at a world where you can point a model at a piece of software, find the six 0-days in it, then why would you produce a CVE public disclosure when the company should just patch it immediately, as soon as it was found.
Ashish Rajan: Mm-hmm.
Caleb Sima: Right? Or then in that case. Like when you do publish it and someone else needs to know about it, do they have their own version of the model that understands it, that just patches their own version as well? Or do you take the patch that was produced by the vendor themselves? Or do you just create your own patch because you're running your own auto patching?
Caleb Sima: This is a whole different like, uh uh. Yeah, but we'll, we'll get there. How about we get there in the CISO discussion?
Ashish Rajan: So to, to your point, I think one thing that I find, uh, and maybe it's not to poke holes at this, but to kind of call out the example that I've always had this grudge with zero day, right?
Ashish Rajan: That zero day assumes that I know about zero day. Why, why would someone, if you have an exploit that can hack into [00:26:00] any iPhone or that can hack into any server, let's just say a Linux for 25 years ago, it just happens to be on the internet. So for free for you to exploit and put crypto mining or whatever, why would you disclose that publicly as a zero day?
Ashish Rajan: I just almost like it's an anti pattern, in my opinion, for the goal that people want to achieve apart from street cred, which is why I have a CVE,
Caleb Sima: gimme a job. Well, it's, it's under responsible disclosure. What you do is you contact the vendor directly. You tell them you found this issue, you give them a legitimate amount of time and response capability to patch that issue.
Caleb Sima: Once the vendor has provided the effective patch, you then release the advisory so the world knows about it, so that you as a customer can adopt their patch quickly, right?
Ashish Rajan: Yep.
Caleb Sima: To protect yourself. So 0-days just being published aren't just, here's a 0-day, let's publish it. Unless they don't follow responsible
Ashish Rajan: disclosure.
Ashish Rajan: Oh, no, I'm with you. I think where I'm coming from is that, say if I have a 0-day I don't, there is no benefit apart from street [00:27:00] creds for me to disclose it publicly. Or when I say publicly, I mean publicly to the vendor for them to go and fix it. If I can exploit it myself, I'm thinking Correct.
Ashish Rajan: I'm taking the black hat hat over here.
Ashish Rajan: It's like, oh
Caleb Sima: yeah, yeah, of
Ashish Rajan: course you sell for me to put that out there.
Caleb Sima: Yeah, you sell it. Yes. Or you
Ashish Rajan: use
Caleb Sima: it yourself.
Ashish Rajan: That's right. And I think I almost go, will take that step further. The, and the reason for my initial thinking about the approach for the end topic was coming from this as well. That if I, I don't, I don't wanna discredit in the research or the work that they've done.
Ashish Rajan: This Definitely great job. Glad they have Project Glasswing going. Where I'm coming from is, should this model be released at all in the first place? That's if that's how sophisticated this is, because if people are that, to your point, AI forward AI thinking, which many people would be at this stage, once they realize that is possible, then they would, the only way this partnership would work is that a, the zero day is out on the internet and CrowdStrike, Palo Alto, someone, whoever, figures out that there is zero day that's being used to exploit things.
Ashish Rajan: Because unless you run a massive scan on the internet for every [00:28:00] possible vulnerability, we are not gonna find all the zero days. Right.
Caleb Sima: Yeah. Your question is, if it's so good you can't release it, period.
Ashish Rajan: Yeah.
Caleb Sima: Okay. Because, so yeah, great, great question. The, and, and I think that's, it's, there's, there's a pretty obvious in some sense, reason why you have to. There's two.
Caleb Sima: Let's go with the first, let's go with general public good. The fact remains is that. We know these frontier models are generally, what, three, six months ahead of each other in stages?
Ashish Rajan: Yeah. Yeah. I mean, I mean, OpenAI already has a version coming out soon as well.
Caleb Sima: Yeah. OpenAI will probably catch up to this model.
Caleb Sima: And then we also, hey, like we're talking about the world, so other countries, DeepSeek, China, anything else probably are also similarly coming up behind them. Yeah. And so the fact remains is there's a window of opportunity before other frontier models probably get to this level of reasoning. Yeah.
Caleb Sima: And by the way. Remember if you look at Anthropic, it's not so good at finding security vulnerabilities because it [00:29:00] was trained to do that.
Ashish Rajan: Oh
Caleb Sima: yeah. Again, going back to the, it's because it's just gotten so much better at code. That's right. Yeah. So, so we know the rest of the models are gonna come. So you have a limited time of window at which you can apply this.
Caleb Sima: That's sort of the first, right? Yeah. You will have to release it because everyone else will do at some point, and it, which goes back to number two of why Anthropic has to release it, because they're also a business that needs to make money. And so like they clearly, you know, and this is the thing that I think is something Anthropic should be both praised for, right?
Caleb Sima: In what they've done is they could release this model now.
Ashish Rajan: Yeah.
Caleb Sima: And it is by far, at least according to whatever benchmarks, if you believe, benchmarks way, way better than anything in the market, right? Mm-hmm. So everybody would continue. To invest and put more into Anthropic, which would make Anthropic way more money.
Caleb Sima: But they have hesitantly said, Hey, we should pause this. Let's try to do the right thing in this time window before moving forward. Yeah. [00:30:00] Which I think is something that should be at least applauded for.
Ashish Rajan: Yeah, a hundred percent. A hundred percent applauded. Also, we just wait for OpenAI to publicly release it, and then suddenly Anthropic is like, actually, you know that a hundred day window, forget about that
Caleb Sima: OpenAI.
Caleb Sima: I just didn't care. They're just gonna,
Ashish Rajan: yeah, because I mean, but to be fair to, to your second point about the, it is a business. If OpenAI is such to just publicly release it, they would be under pressure to like, wait, we came up with this first. We were trying to be responsible and now we are. Already behind by the fact that we just try to be responsible.
Ashish Rajan: So
Caleb Sima: listen, I think that these are AI war that's just the way it will play. And by the way, if OpenAI did have a model that was similar in its capability and they just released it, now, everyone would switch. Everyone would start using that model. That would be a big advantage for OpenAI, right?
Caleb Sima: That's right. Despite the safety or not. That's just the way it works.
Ashish Rajan: Yeah. And know, I mean, I think that's kind of where, which is a scary part here because I think I, I don't know, maybe it is already published, but I think OpenAI here has come out [00:31:00] saying that they are also going to have like a similar closed cybersecurity course.
Caleb Sima: Yeah.
Ashish Rajan: But hey, I mean, how true is that gonna be? Well, unless the model come out first, and maybe we'll find out then, but to kind of take this in the direction of actually solution mode as well. Yeah. Where we spoke about the. Hype and how real the hype is. Maybe one thing that would come out, which would be really interesting, if people actually had general GA access, there could be zero days that are specific to the organization.
Ashish Rajan: 'cause each organization is a, for lack of a better word, an organism, right? Correct. Which has patched different things, multiple softwares. This might actually might be great for people to be able to identify zero days that are specific to their organization. That's a great thing for I, I do want to add that as well, that in spite of the internet and dark days and whatever, that the internet may use this for misuse.
Ashish Rajan: But there's a positive side to this as well, that you can actually find things that maybe, you know, because you know the internal architecture and how that works, which you go, oh wait, because an [00:32:00] external person could have never found that out. So
Caleb Sima: Yeah, and all the custom software code that you're building.
Ashish Rajan: Yeah.
Caleb Sima: Right. Oh
Ashish Rajan: yeah.
Caleb Sima: Everything, yeah.
Ashish Rajan: Like the thick clients that could have never been pen tested. Now you can finally let something loose on it as well. Hopefully Sweet.
Caleb Sima: Correct.
Ashish Rajan: This is interesting. I just thought of this. No, something that the automated pen testing companies have been facing as a challenge for some time has been the fact that there is no guardrail for where do you stop the hacking?
Ashish Rajan: Like where, at what point do you stop? Do you just tell Mythos hey, this is far enough, stop going into a mainframe and stop deleting to prove the use case. How do you
Caleb Sima: right, right.
Ashish Rajan: How do you, I don't, I actually, that would be an interesting one for people to identify. Can you put a guardrail on it in the first place?
Caleb Sima: I would say that is a good discussion to have. In another session around how can you prevent or put guardrails around AI models and their execution?
Ashish Rajan: Yeah. Because it's all well and good. You have a super powerful model that can go all in, remove all the false positives, but do they just stop? There [00:33:00] is, uh, well, let us know in the comment section.
Ashish Rajan: If you want us to do another episode on this, just call it, uh. But I don't know what's the right word. Would we just, yeah, just say, do an episode on that. We just, we'll, we'll just do that episode. So coming back to CISO discussion let's put
Caleb Sima: hats on. Yeah. Defense. What do we do, what do we do about it?
Caleb Sima: That's the, that's the,
Ashish Rajan: yeah. Type in the word defense in the comment, and we'll just do an episode on this. Putting on the CISO hats. Yeah. What is the, a, let's just put this in a bell curve or not bell curve, like I curve, like I'll just say barbell. I'll just say on one hand you have people who have, uh, been very AI forward.
Ashish Rajan: AI adoption is like, to your point, tech forward, AI forward. Those kind of companies. On the other extreme are people who are traditional, who have not gone beyond the use of, say, copilot or open AI web console. And in the middle, the messy middle as people have been calling it. There's a mix of people who are obviously enterprises that have been there for a long time.
Ashish Rajan: Regulatory use, engineering with core, sorry. Use AI for code engineering, AI for productivity, and experimenting towards going on that AI forward side. What are your thoughts on CISOs on each one of [00:34:00] these, each three of these bars, I guess for,
Caleb Sima: yeah. Yeah. So, you know, here's the thing about this is clearly an AI enables an acceleration of arms race problem, right?
Caleb Sima: Which is attackers now have access to 0-days at the lowest level of talent. So your script kiddies now have super capable capabilities of finding 0-days and exploiting those 0-days. At a massive scale. And on the defensive side, which we're always behind on, we now have a massive attack surface that now we have to figure out how to defend against these low level talent script kiddies with nation state capabilities.
Caleb Sima: So what do you do? So there are really one big theme school of thought that's going on around right now, which is true, but I would also like to note not the whole story. So everyone is Patch, patch, patch, patch, right? Which is correct in the sense that says, you know, every enterprise has a vulnerability management pro process or program that they [00:35:00] have in place.
Caleb Sima: And by and large. Generally speaking, critical issues that need to be patched. Have a, one to 72 hour timeframe in your organization that says these must be patched, high issues. Somewhere between, you know, three to seven days needs to be patched, and then medium issues between two or three weeks.
Caleb Sima: And then low issues, you know. More than 60 to 90 days, which no one ever looks at low issues anyways. Right. Yep. So you know, this is your standard vuln management program right now. Yep. Yep. Obviously, this fails miserably in a sense where this world is enabled by nation state attackers that have the ability to do whatever they want.
Caleb Sima: So exploitation, which, by the way, this existed before Mythos, right? Going back to our zero day clock problem.
Ashish Rajan: Yeah.
Caleb Sima: But the speed is moving so quickly. How do engineers or organizations adopt a super fast? Patching solution. So that's the first is you have to be able to figure out how can [00:36:00] you patch current things any high, any critical patch within hours versus days or weeks.
Caleb Sima: And how do you enable that program inside of an engineering organization to do this effectively? Number two, when Mythos gets released to all ev, you have to figure out how in your organization you're gonna use Mythos to evaluate your own software and where you sit to ensure that you find these issues before you go to production.
Caleb Sima: Standard shift left. But now using AI to effectively help you find these vulnerabilities quicker and the ability for you to patch them quicker. These are the two things I think the majority of the industry is talking about right now. Your entire vuln management program has to change and your engineering has to be along for that ride.
Caleb Sima: It is a forced adoption at this state. Yeah. And then number two in Mythos comes out, what are we, how are we going to use that? To ensure that any software that we write or produce is free from these level of issues that [00:37:00] an attacker can find, right? So use the weapon as a defensive tactic so that you can also go and move that forward.
Caleb Sima: So that is what the majority, I think of people are talking about. Now, there is a, a whole nother level that I don't think most people are talking about, but I'll talk about that. I'll pause there to say, should we discuss a bit more on this side of the
Ashish Rajan: house? Yeah, yeah, sure. I, I was gonna say, I think, uh, find of, my first thought on this was a bit different.
Ashish Rajan: I think, uh, the first thought I had on this was, and maybe because it's, my first thought on this, was more on the lines of, it's about understanding the exposure and visibility. And I put an asterisk next to it because knowing what assets I have and what kind of versions they're running is a whole problem in itself.
Ashish Rajan: But if I could solve one thing right now, which could potentially be a better investment. Especially if I'm not that AI forward, which I imagine majority companies are not that AI forward in their engineer. They may be in their engineering comp capability using Claude Code, Codex, whatever, but a lot of security teams just [00:38:00] have a basic subscription to Claude Enterprise or OpenAI Enterprise, whatever.
Ashish Rajan: With those kind of companies, I think the, in my mind, the first one that I had was number one priority would be to identify which endpoints do I have exposed on the internet, what softwares should they run and what versions of it in the hopes that when that zero day comes out, at least I have a way to identify that.
Ashish Rajan: Am I exposed or not, because I guess that's nine out of 10 times. As the question we asked when the Heartbleeds of the world happened, all we wanted to know was, am I exposed or not? That was the first one I came. The second thing was improving response time. I don't think incident response, I don't think I've been harping about incident response, I feel like for years now, but the response time, the MTTR as people talk about for, even if it's a quote unquote virtual patch that vendors give you, that once you've identified even that sometimes can take weeks.
Ashish Rajan: For you to identify response, put the patch in. Yep. Like I, I definitely find those two levers. If people can pull that quite a bit. And to your point, there is this software and everything else that goes into it. That would be great. The third thing [00:39:00] which I came across in a discussion and I kind of, oh, I.
Ashish Rajan: Totally missed that point was now since most third parties use AI in that exposure window, I would also put the fact that which one of my third parties actually have an, have access to my cloud accounts, which today is like shit ton of people or shit ton of vendors have access to my cloud infrastructure, my on-premise infrastructure, then I mean third parties.
Ashish Rajan: I think those were the initial thoughts that I had. But to you to, to your point about the tying that back to a vulnerability management process for the world that we have pre-Mythos, if I can say that, that would not work in the post Mythos or Mythos world, uh, where I just wait for seven days or 30 days and have no idea if, uh, John in engineering actually cares about his own, uh, feature going out.
Ashish Rajan: More important versus my security patch. Like, yes. That's the argument will always come keep going back to you.
Caleb Sima: Yeah. I think, you know, here's the, there's a pro and a con. The pro of this is we already know the right things to do. Actually, [00:40:00] we're all doing them, right? Vulnerability management, external attack, surface exposure, asset identification, to your point incident response.
Caleb Sima: These are all the right things to do and have been things we have been doing. The con to this is you just have to do this way faster, right? It has to go from days to an hour. So how do you, it's not it's not that the process or the, the logic is wrong, actually all of that is correct. We just need to make it happen within minutes.
Caleb Sima: Right? So how do you. Consistently always have an update of your assets and your libraries to know if or when something becomes exploitable or not. And then immediately, if you do find that out, how do you patch that instantly? Yeah. And still have a running server. And if you do identify something that happens, what is your incident response that occurs in your controls that happens instantaneously?
Caleb Sima: Yeah. Because remember, you know, attackers in the future aren't going to be people that [00:41:00] pop a box and like, stick around and like pick around at things. They're gonna throw an agent in there that's gonna spawn 30 other agents that are gonna go from everywhere.
Ashish Rajan: Yeah.
Caleb Sima: So, you know, we've gotta figure out how to have really fast response times to these, to your point.
Caleb Sima: So we know what to do. It's just we don't have the capability. Both organizationally, process ways, process wise, people wise. To put the technology there that compresses that timeframe super quickly.
Ashish Rajan: Yeah. Yeah.
Caleb Sima: And that's what needs to happen, right? In that, in that scenario,
Ashish Rajan: to your point, that's the only thing you can do today is enforce it and get the rest of the leadership team on board and enforce there is no other route about, because you, what you, and you and I both spoke about, the seven day 40, there is a reason why that window opened up is because not everyone happy to patch every single day.
Caleb Sima: No,
Ashish Rajan: they won't. No. And they, they
Caleb Sima: Or are they capable of it? Because we're like, oh, we, it's gonna break things. It's gonna
Ashish Rajan: Yeah.
Caleb Sima: You know, like blah, blah, blah,
Ashish Rajan: blah.
Caleb Sima: Yeah.
Ashish Rajan: And your point, if the patch requires it's a full [00:42:00] version upgrade, then we are like a, we are, we're talking about feature upgrades that are associated with it.
Ashish Rajan: There's so much more. Uh, and maybe that's why vulnerability management has this bane of, uh, people's backside for a long time. Because every time you've, as a security team, you walk with a patch, you almost immediately would get, Hey, is this going to break something?
Caleb Sima: Yep.
Ashish Rajan: And you, like, there is no way you can guarantee that.
Ashish Rajan: 'cause there, there is no way a vendor could test all scenarios for your specific organism of the company.
Caleb Sima: Yep.
Ashish Rajan: And then two, okay, if it's not gonna break, do I really redo this? Because I have this feature that you should go out, that the PM would argue with you for. And I'm like, oh, trying to have this conversation at this level of, are we okay with the risk not making money?
Ashish Rajan: What which risk are we balancing here? Well,
Caleb Sima: so here's the thing that Mythos and Anthropic has done, that's gonna be tremendously helpful. To security industry. It's putting this topic at board level, right? This is now a threat. This is an, an arms war that, this is [00:43:00] gonna hit us so hard that if we are not there, then people will suffer.
Caleb Sima: Companies will suffer. Yeah. And the thing is, is that engineering now needs to get to a place where if you patch something and it breaks, figure it out. Right? It's almost, you have to assume breakage and you have to figure out how you're gonna resolve that because the lack of patching or the speed of that patch is non-negotiable.
Caleb Sima: So build the systems around your application and what you've done so that patching quickly and fast and whether it breaks or doesn't break things is gonna be managed. So like that is going to have to happen. Now, I know we have limited time, so I wanna hit the other angle, which everyone is about patching.
Caleb Sima: Use Mythos to patch your software so it's more, more secure. Everything's about making sure that patches are done. I agree with all of this. However, I think it's, it's only one third of the story. Because here's the problem, I think in any enterprise, which is okay, it's great. I can use Mythos to look at my own software that I produce to hopefully find these 0-days so [00:44:00] that they're patched, so it's more secure when it gets produced.
Caleb Sima: Great. That's a huge win across the board. But what do I do with all of the stuff that I don't own, right? All my third party SaaS services, all my legacy things, my routers, my firmwares, my, everything that I don't own, all the open source that I run that hasn't run through Mythos in order to get patched or not get patched.
Caleb Sima: This is the majority of my attack surface. How do, I can't patch my way out of this, right? Like there is no patch capability here. And so what everyone is ramping on today is patch. Yet the majority of the problem are things I cannot patch, right? Yeah. I cannot patch these things. So what do I do in that meantime?
Caleb Sima: Because all these vendors. They may have access to Mythos it or they may not. Yeah. We all know in any enterprise there's at least probably two thirds of your vendors who don't care. Even if they had access to Mythos or not. They don't care. They won't be patching, they won't be producing these patches.
Caleb Sima: You're screwed. And by the [00:45:00] way, these third party SaaS vendors, you have no idea what they may or may not be doing in that same problem. The third party risk problem. So again, accelerated. So then what do you do? And this is where I think that what most people aren't thinking about is, yo, there's always a philosophy that I've had, which is assume breach.
Caleb Sima: Mm-hmm. Right? Which is right now everyone is freaked out about preventing the exploit. My view is just assume the exploit, right? Okay, I make the assumption that they all have 0-days anyways and that their level of talent is low. So I could get popped anywhere on any external service, any laptop or device, any mobile phone gets popped through these types of things.
Caleb Sima: The question then comes to, I think the rest of the industry is what do you do, right? If you could assume everything can be popped, which I think is a safe assumption to begin with, that it doesn't mean that you need to patch everything. It means you have other things in place like detection. This is also where I'm about to write a post about this.
Caleb Sima: I think deception has been a, a [00:46:00] thing that has always been something that I felt very critical and important, but most of the security industry thinks is a dessert. It's a thing that you put at the end ne you know, never anything that you do at the beginning. And I think AI, I think, is going to change that because if you think about a world.
Caleb Sima: Everything can be popped and you can throw an agent to then instantly navigate your enterprise. Things like decoys and deceptions and tokens and things left around your thing is pure signal, right? Yeah. You it's not about detecting or preventing the exploit, it's about detecting the attacker, moving through your enterprise.
Caleb Sima: Yeah, and especially with AI and agents, I feel like there, there needs to, people in the industry need to look at deception as something you do first, as something that you can get true signal for. On these types of things happening on the assumption that exploit happens.
Ashish Rajan: Interesting. Yeah. Honeypots has been always been like a, I, let me solve everything else first before I pay [00:47:00] money for honeypot.
Caleb Sima: Yeah. And it's, it doesn't make any sense to me because think about it, think about like before a detection and response program is put up, you should put deception in, but that's not how it goes. Oh, let's do a detection response program. Let's invest $15 million with tons of people team to produce a set of possible things.
Caleb Sima: Seeing an attacker do that's mostly full of false positives. Yeah. Before just taking AWS keys or fake files and distributing in my network where a pure signal arrives if this thing happens. No, like, I'm not gonna do that. That's like something that a mature organization does. Not like an immature organization.
Ashish Rajan: I tell you, you raised a good point as well because it, so obviously, uh, when you say assume breach, a lot of people would also assume that, oh, but I have defense in depth. I'm working towards zero trust and I'm gonna, so throw some more words in there. But essentially the bottom line being a lot of people would just go down the path of the reason why.
Ashish Rajan: Prevention was of [00:48:00] we don't believe in detection 'cause I can't detect everything under the planet, but prevention is a key, blah, blah, blah. But to, to your point about the deception piece, it's like obviously it assumes that we would know that a key is me. And to your point, it doesn't need to be a complicated 25-year-old Linux vulnerability.
Ashish Rajan: It could be as in present a is key. I think that's quite, that's where we already head towards where we don't need, because at this point in time, we don't know what a zero day would look like, but what we would know when someone is trying to access our mainframe.
Caleb Sima: Correct.
Ashish Rajan: With the key,
Caleb Sima: what we do know is we, we do know what the attacker is going after or what they would do in their behavior.
Caleb Sima: Right? Yes. And what they want to see, what they want to see is privileged accounts. What they want to see is data, private data. What they want to see is access to PII like this is the kind of things that we know for sure, no matter what the exploit is.
Ashish Rajan: Yeah, yeah.
Caleb Sima: That you can detect and you can get signal on.
Ashish Rajan: Maybe it's the combination of what I was saying and what you're saying as well. What maybe this is kind of like the point in time solution today [00:49:00] for people who are trying to tackle Mythos without being AI forward or tech forward could be the fact that as long as you have an understanding of the exposure that you have across the endpoint, it doesn't really matter.
Ashish Rajan: IoT devices or not OT devices or just your software putting honeypots in there. Just obvious honeypots that it maybe that could give you a lot more bang for your buck instead of trying to put the, I don't know, the next software that comes out saying, Hey, we will find the zero day for you. We will patch the zero day for you.
Caleb Sima: Oh, yeah. Well, here's the thing. You know, in any security organization, you're gonna do both, right? You're going to, you're gonna patch, you're gonna identify your assets, you're gonna do all the things that we, it's the same thing. We're doing all the same things, but at accelerated rate. Yeah. However, I do think deception itself, detection and deception, are gonna rise to the top because.
Caleb Sima: Agents and AI move so fast with such an large attack surface that both of these things are gonna give true signal, minus the exploitation as you need to at least [00:50:00] see your attacker and you need to be able to identify them. Mm-hmm. And like, those are super, super key. And right now, by the way, uh, well maybe I'll, I'll hold on this, but I also wanna put I almost have a lot of pushback on a lot of CISOs and security experts that I hear say detection and, and deception.
Caleb Sima: I don't wanna spend my resources on that. I'd rather spend it on prevention and controls, which everyone in the room will then clap to. Absolutely. Yes, absolutely. Yes, absolutely. And that person, yeah, absolutely. I'm gonna spend on a prevention and controls. Good luck with that. Okay, great. So you're gonna have.
Caleb Sima: We now have 0-days happening everywhere.
Ashish Rajan: Yeah.
Caleb Sima: In software you don't own that has access to your resources.
Ashish Rajan: Yeah.
Caleb Sima: That now is moving at machine speed inside your enterprise and you're gonna say, that's okay. 'cause I've put all the defense in depth and prevention. I don't need detection, I don't need this deception stuff.
Caleb Sima: So I'm like, oh, okay. So banks. They have vaults, but we shouldn't have [00:51:00] security cameras or guards. Right. We should just assume that well, it's in a vault so it's secure. Like we're okay. Like we don't need to watch for bad people. We don't need to detect bad guys. Like let's just focus on the prevention side.
Caleb Sima: That's a better route to go after. And I'm like, have you tried implementing prevention in an, in a decent size organization? No. Like, that'll take forever money as well. You that, how long is that gonna take? And that's only probably one area of what, a attack surface on one vendor.
Ashish Rajan: Yeah. Yeah.
Ashish Rajan: Actually there is something else to add here. Right. I know we've been talking focusing a lot more on zero days, but you know how, and at least every time I've become a CISO, I feel like nine out of 10 times the job always relied on, I don't know, silly Ashish not clicking on a link, on an email being the number one problem.
Ashish Rajan: Yeah. So I do want to emphasize that as well, that yes, zero days are important and they can be quite destructive. But there is something to be said about the fact that nine, [00:52:00] or maybe it may not be the biggest problem in your organization, the biggest problem is still may have just the fact that silly Ashish just clicked on a link and the phishing was the biggest problem.
Ashish Rajan: But in terms of the challenge with Zero Day and the way software is, I think I'm, I'm, I feel like we've kind of had like a whole discussion on this. What we haven't spoken about yet are obviously is the fact that how do I prepare for this Mythos world that I'm going towards? If I say I want to be AI forward, what should be the things I should work on in my team, should I make them start building AI agents?
Ashish Rajan: Should I start? Uh, no. Like what? 'cause your point about the response time being in less second rather than, yes, I have a detection. I have created this Mythos detection engine that I'm building in my organization. Every new feature, new software comes in, Mythos goes, scans it. It finds some, finds some things creates detection, whole cycle.
Ashish Rajan: What should be people focusing on in this period of where they've done the things that we've been talking about so far? Within the bare basics. They, [00:53:00] they understand what the exposure is. They have a possible honeypot detection capability as well. What do you think is like the, uh. Thing that they should be building in their program.
Ashish Rajan: 'cause obviously they can't build everything. They don't have the endless budget. A lot of people would still focus on the the thing that internet talks about that, hey, 70 to 80% is still phishing. Focus on that zero day. Some obviously, depending on which vendor you talk to, they'll ask you to focus on the other, which they fault try to solve.
Ashish Rajan: But if you were to just take a step back from this and maybe some, all of this come, all of this comes back to the basics. But if I'm a CISO listening or watching this, and I wanna build something that makes me capable to even walk towards a path where Mythos become a everyday thing, what do you think they should have in their team?
Caleb Sima: I think there's three things that I would do. The first is it's not anything you're doing anything different. It's just a matter of making everything you do way faster, and I would focus on these three areas. The first area is clearly your vuln management program, right? Mm-hmm. Today, you are at seven days, two weeks, 30 days.
Caleb Sima: [00:54:00] What do you need to do in order to make that one hour, one day, two days?
Ashish Rajan: Yeah.
Caleb Sima: What needs to change in both your software? That you write and in any services or external software that you have, because you have to make an assumption if all of Mythos is true, there is gonna be a massive rise of disclosures and patches that will have to be applied.
Caleb Sima: That will happen constantly. And again, you know, there's probably, you know, a super rise of this and then a steadying off over point, but you're gonna have to deal with this.
Ashish Rajan: Yeah.
Caleb Sima: So take a look at your process today. Figure out how do I compress my time? And whatever that takes in order to do that, that is gonna be, you know, both you, your executive, your engineering team, your infrastructure team all together, trying to figure out how to compress that capability.
Caleb Sima: There's no difference. You don't need to do anything different. You just need to know a thing. You need to know, how do I get alerted to these patches? How do I apply these patches? How do we test for these patches? And then making sure that when we find these things, we shove it in as early and as [00:55:00] quickly as possible.
Caleb Sima: So now it goes from one hour to one day to two days. Like kind of, you know, this is it. This is where we produce. So that's the first thing. And then the second thing is, what I was talking about before is I would focus the same on detection. Is this the one thing that you do have? You have to assume exploitability.
Caleb Sima: And the one thing that is fully within a security team's control is their detection and deception capabilities, which is how do I ensure faster capabilities of detection, easier ways to detect the threat, faster response times, to your point, Ashish around the response times capability. All of those things are sort of super, super key, uh, on doing that.
Caleb Sima: And then the third is I think proactive use of your own exploitability, AI red teaming, AI scanning, you know, to your point, attack asset identification, all of these things are key to being the attacker. And so the attackers have access to all this technology. So do you, so you need to make use of that so that you are scanning both externally and internally using the same capabilities that these [00:56:00] guys have, so that you can get a better understanding of your risks as well.
Caleb Sima: So like, I think a lot of that, I think these are the three that I would primarily focus on. When I think about, like, if I were to stand in front of a team and say, these are the the key things we need to go figure out. And of course, prevention, protection controls are key to all of this, but to me that becomes a foundational health sort of maintenance thing.
Caleb Sima: Okay. We need to ensure that we get the right controls, get the right maintenance. Like in your laptops, do you have easy ways to contain those laptops if they get popped? Because now when an, if a laptop gets popped, that thing is spreading everywhere. It's not some person on a keyboard. So you need to have quick containment of laptops once you detect something.
Caleb Sima: Right? But the key is you can't contain or prevent without first detecting and understanding. So you need to be able to respond here, you need to be able to do that. So that's sort of how I'd layer those things.
Ashish Rajan: I would add one more, right? I think it's funny, I think maybe we can take some lessons from our software engineering [00:57:00] colleagues on this one.
Ashish Rajan: So obviously you and I were at RSA. One of the things that came up in a lot of the panels that I hosted or participating in was that we are moving towards a world where software engineers are being asked to more, create more PRs. Like the code that they're producing should be, Hey, we are expecting 50 PRs from you guys, but not just from the engineers, but also from product managers, also from UX people and other people as well.
Ashish Rajan: And I want to extend that to the, this example here. If you look at the entire security GRC take detection engineering, take your cloud security, take AppSec. We are all detecting things. If you were to just super simplify the whole thing, in my cloud security, I am identifying or detecting, quote unquote Misconfigurations.
Ashish Rajan: AppSec. I'm detecting what's my static code, version, or my SCA, my open source library. That is vulnerable. If you were to just have as a CISO, whoever who has a team and maybe their team feels they're not technically capable, but they do this job day in, day out, they do [00:58:00] detect stuff. They do know, know how to see this.
Ashish Rajan: If they can just, each one of them can start building one detection in a week. Doesn't have to be every day. Maybe they do it every day, but just say one detection per week that gets put into a GitHub repository or a GitLab repository depending on whatever repository they're using as a thing that they keep building towards.
Ashish Rajan: Because I imagine at the moment the backlog for this is that a lot of us are focusing time on either ignoring or validating a detection, not creating detection.
Caleb Sima: Yes, absolutely. In fact, your point is so on point that that, that the, there are companies out there today like Spectrum for example, that consolidates that where not from threat detection.
Caleb Sima: Through what, or even design, like take a threat model or design or a red team report that you have. Yeah. You can throw this in there.
Ashish Rajan: Yeah.
Caleb Sima: It will automatically do the threat, modeling the analysis, create all your detections, deploy your detections, [00:59:00] validate them, and then tune them All done within five minutes.
Caleb Sima: So like the capability, the technology exists now for defenders to be able to do exactly what you're talking about. The thing is, is that we have to catch up, right? Yeah. So, like, luckily we are using, this is great examples of AI doing great things here in this world where on the defender side, we are now in a place where technology can take detection and literally make it one click.
Caleb Sima: Yeah. Um, and do it in a way that's amazing like that.
Ashish Rajan: A hundred percent. And, uh, to, to your point, they can also, they don't have to start by buying a product as well. They could just start by identifying what they already detected in the first place. 'cause that's what a lot of times where a lot of people feel, I can't use AI for this capability or I, I can't use AI because I don't know what I'll use it for.
Ashish Rajan: I'm like, there's now there's an obvious reason for people and obvious reason and focus that they can have towards just detection as a whole. AppSec that can build, start building detection capabilities, your [01:00:00] clouds that can start building detection capabilities. Your GRC can start building detection capabilities.
Ashish Rajan: They don't have to be technical, they just need to be able to explain what they're looking for as well. There are all these connectors that are available. So I think the, as much as we start the conversation by saying that the bar is quite low for script kiddies to have a nation state kind of capability, so do we, it's like if a script kiddie can do a better job than us,
Ashish Rajan: like 'cause in terms of capabilities, right?
Caleb Sima: Well, I mean, yes, but also. To be true. You know, the black hats have always been ahead. Um
Ashish Rajan: Oh yeah, I understand. They're, we have red tape. I get that. But a script kiddie is just going, Hey, hack computer. A they're not going either way. There is SSRF of vulnerability here that I can see.
Ashish Rajan: I can go on. Look, there's a lot more complexity and understanding that all of us collectively have developed about organizations over the years that we can be a nine. I'm, I would be 99% certain. Everyone knows a hack in their [01:01:00] organization that they can, they just know that it has not been patched for forever, and it would never be patched.
Ashish Rajan: So they could just even start there if they want to. But in saying that, I hope people enjoy that conversation. And I would love to hear from you as well, whether you think it's, uh, this is the, the day of the days of reckoning is coming, or is this the moment where we collectively come together as a community and hopefully the flip this for the better.
Ashish Rajan: 'cause there is a lot of positive, but there's also a lot of downside depending on response time. Any final thoughts on this Caleb, before we wrap it up?
Caleb Sima: You know, you made that comment about, Hey, go hack computer A and it just flashed in this image of my head about. All the hacker movies. The cheesy hacker movies where they just go Tap, tap, go hack, I'm in.
Caleb Sima: Or it says it's gonna, it's running the decryption mechanisms and then Oh, it figured it out. Or, oh, it's defending against the, like all of that actually is kind of coming True.
Ashish Rajan: Oh my God. Yeah. Funny enough. It is actually it's funny, I think true, but also the bar for a [01:02:00] sophisticated hacker and a not so sophisticated hacker and a wannabe hacker is also coming low as well.
Ashish Rajan: That if I know like buffer overflow is something that I have always stayed away from. 'cause I just used, that thing used to scare me with the number of addresses you can have, and I think. Over, over the past three months, I've, I've become even more confident that I can do buffer overflow so much more easily than a, as probably an equally advanced hacker.
Caleb Sima: Well, you don't have to do anything. Yeah, you don't.
Ashish Rajan: I mean, I just, computer A, hack computer A.
Caleb Sima: The Anthropic talk at, uh, Unprompted proved that he just took Claude and said, you're an attacker. Look at this source code repo. And it generated the working exploit. You didn't have to do anything.
Ashish Rajan: Also, it was literally to what you said, like what the movies used to be.
Caleb Sima: It's exactly like the movies.
Ashish Rajan: Yeah.
Caleb Sima: Oh, it's getting to the, being the being the movies dude.
Ashish Rajan: Yeah. Oh, we're getting there. Okay. Maybe the script kiddies is probably, uh, up for, they, they can do a lot more than damage then, I guess. But let us know in the comment section if you, uh, have any thoughts on Mythos and what you are doing about this.
Ashish Rajan: But until then we'll see you next [01:03:00] time. Start you soon. Peace. Thank you for watching or listening to that episode of AI Security Podcast. This was brought to you by Tech riot.io. If you want to hear or watch more episodes of AI security, check that out on aisecuritypodcast.com. And in case you're interested in learning more about cloud security, you should check out a sister podcast called Cloud Security Podcast, which is available on Cloud Security Podcast tv.
Ashish Rajan: Thank you for tuning in, and I'll see you in the next episode. Peace.












