I was in Japan when my phone lit up with messages from my network. Here's what I think after reading every reaction and why urgency is more important than fear.
I was sitting at a table overlooking Lake Kawaguchi, Mt. Fuji framed through a torii gate, a cherry blossom bonsai on the windowsill, when my phone started going off.
I'd taken my family to Japan for vacation. Two weeks. Kyoto, the Fuji Five Lakes area, temples and ramen and trying to actually disconnect. One of those trips you plan for months and then almost feel guilty about because something always seems to be happening at work. We were trying to be present. I was mostly succeeding.
Then the Anthropic Mythos announcement dropped. And the messages from my network started coming in waves.
CEOs. CISOs. VCs. Researchers. Reporters. Everyone had a take, and the range was wide: fear, skepticism, outrage, awe. Some said this was the most important cybersecurity disclosure in years. Others called it hype dressed up in a press release. A few were angry at Anthropic, at the framing, at the idea that an AI company would build something this capable and announce it publicly.
But underneath all of it, there was one question that kept surfacing. I heard it at RSAC a few weeks ago and I saw it again in every message this week: not 'does AI work for security?' That debate is over. The question everyone is actually asking is 'How much time do we have?'
That's the right question. Here's my honest answer.
The capability is real. The debate about whether to be afraid is beside the point.
A lot of the reaction fell into two camps: people who think Mythos represents a civilization-level inflection point, and people who think Anthropic is overselling a research result to generate buzz.
I'm not in either camp.
What Anthropic published is a significant technical result. A model that autonomously finds zero-day vulnerabilities across every major OS and browser, then constructs working exploits without human involvement. The specific numbers matter: Claude Opus 4.6 succeeded at autonomous exploit development essentially zero percent of the time on their Firefox benchmark. Mythos succeeded 181 times out of the same test. That is not a marginal improvement. That is a different class of capability.
But arguing about whether to be afraid misses the more important question: what does this change about how defenders need to operate?
The answer is everything about the timeline.
Lake Kawaguchi, Japan, April 2026
The gap that defenders lived in just got a lot smaller.
For most of the history of cybersecurity, defenders had a structural advantage nobody talked about: time.
There was a gap between a vulnerability existing and an attacker finding it. Another gap between finding it and weaponizing it. Another between weaponization and exploitation at scale. Those gaps were never comfortable, but they were real. They were the window in which defenders could operate.
What Mythos demonstrates, and what Anthropic's offensive research lead Logan Graham said plainly, is that models with these capabilities could be broadly available in six to twelve months. Not just from companies in the United States. That window is closing.
This isn't a surprise to anyone who has been paying attention. Mandiant's M-Trends 2026 report showed that attacker handoffs inside compromised networks now happen in 22 seconds. In 2022, that window was over eight hours. The mean time to exploit vulnerabilities has dropped to an estimated negative seven days, meaning exploitation is now routinely occurring before a patch even exists. AI is accelerating every phase of the attack lifecycle: reconnaissance, lure generation, exploit development, lateral movement, exfiltration.
So when CISOs ask 'How much time do we have?' the honest answer based on current trajectory is: less than you think, and less than last year. The window doesn't close all at once. It narrows continuously. And the organizations that wait for a definitive signal before moving will find they already missed it.
The part everyone is missing: Mythos has guardrails. The threat doesn't.
Here is the thing I keep coming back to, and I don't think it's getting enough attention.
Anthropic is being responsible. They're not releasing Mythos publicly. They built Project Glasswing specifically to keep this capability out of the wrong hands while giving defenders a head start. That's the right call, and I respect it.
But Mythos isn't the threat. Mythos is the signal.
Attackers aren't waiting for Anthropic's release schedule. They're not subject to safety reviews or responsible disclosure frameworks. They're running DeepSeek. They're running open-weight models with no guardrails at all. They're building and training their own. And those models are catching up faster than most people want to admit.
How far behind are they? A year? Six months? We don't know exactly. What we do know is that the capability curve is steep and the gap is closing. Every month that passes, the distance between what Mythos can do today and what an ungoverned model can do shrinks. The same leap that took Opus 4.6 from near-zero to 181 successful exploits on the same benchmark is a leap that will be replicated, in some form, by models that have no guardrails and no governance and no consortium deciding who gets access.
That's what Mythos actually tells us. Not that the threat is here right now in its most sophisticated form. But that the destination is visible, the trajectory is clear, and the timeline is shorter than we're comfortable admitting. Anthropic has essentially shown security leaders a preview of the threat that's coming. The fact that Anthropic is controlling access to this version doesn't control access to the next version someone else builds.
The outrage I understand. The paralysis I don't.
Some of the reaction I saw was genuinely angry. People who felt Anthropic had built a weapon and announced it irresponsibly. People who thought Project Glasswing, the restricted consortium of about 40 tech companies getting access to Mythos for defensive purposes, was too small, too slow, or too controlled by a single private company.
I have some sympathy for those concerns. Who controls frontier AI capabilities, and under what governance framework, is a real and important question.
But outrage that tips into paralysis misses something. The implication of that reaction is: if only this hadn't been built, or hadn't been disclosed, we'd be safer. That's not right.
Anthropic's own team said it clearly: they expect other labs, including those outside the United States, to develop comparable capabilities within six to twelve months. The capability exists or will exist. The question is whether defenders have access to it before attackers do. Project Glasswing is an attempt to give defenders a head start. I'd rather have that head start than not.
Arashiyama, Kyoto, April 2026
What this actually means for security operations.
I've spent twenty years thinking about the relationship between attacker speed and defender capacity. Here is the most honest thing I can say:
If a security operations center is still fundamentally dependent on human analysts manually triaging alerts, it is not equipped for what is coming. Not because those analysts aren't skilled. They are. But because the math doesn't work.
A human analyst reads an alert an average of 56 minutes after it fires. Spends 70 minutes investigating it. More than half of those alerts are false positives. And now we're describing a threat environment where the time between vulnerability discovery and weaponized exploit is measured in hours and shrinking.
The only logical response is to match machine-speed offense with machine-speed defense. AI agents that can ingest every signal, correlate across domains, initiate investigations immediately, and surface only what requires human judgment. Not a copilot that waits for someone to ask it a question. An agent that runs.
This is the design principle 7AI is built on: humans on the loop, not in the loop. Making the strategic calls. Overseeing the agents. Deciding what to do with a finding. Not drowning in the volume that AI should be handling. We've completed over five million investigations in production environments. We know this model works.
Microsoft published their agentic SOC framework this week, independently arriving at the same architecture. Google has been moving in the same direction. Security practitioners, 80% of them according to ISSA's latest study, now say AI-powered defense is not optional. This convergence is not a coincidence. It's what the threat landscape is forcing.
Heian Shrine, Kyoto, April 2026
One more thing.
Standing by the pond garden at Heian Shrine in Kyoto, weeping cherry blossoms over still water, ancient buildings reflected in the surface, watching all of this unfold on my phone, I felt something I didn't expect.
Clarity.
Not fear. Not alarm. Clarity.
Because everything we've been building, everything we've been telling CISOs for two years, was validated in a single week by Anthropic, Microsoft, Mandiant, and Sam Altman. The AI arms race is real. The speed gap between attack and human-speed defense is real. The need for agentic defense that runs at machine speed is real.
The question now isn't whether CISOs and security leaders believe it. They do. The question is how fast we move from belief to implementation.
I'm back from Japan. Let's get to work.
Q: What is Anthropic's Mythos AI model? Anthropic's Mythos Preview is an AI model capable of autonomously identifying zero-day vulnerabilities across every major operating system and web browser, then constructing working exploits without human intervention. In benchmark testing, it succeeded at autonomous exploit development 181 times on a test where the prior model succeeded essentially zero times. Anthropic has restricted access to Mythos through a program called Project Glasswing rather than releasing it publicly.
Q: Does Mythos mean AI cyberattacks are already happening? Mythos itself is controlled and not publicly available. The more important implication is what it signals about the trajectory: models with comparable capabilities are likely to be broadly available, including from labs without safety guardrails, within six to twelve months. Attackers are already using ungoverned models like DeepSeek and homegrown LLMs with no restrictions. Mythos shows where that capability curve is heading — and how fast.
Q: How should security teams respond to AI-powered cyberattacks? The core problem is one of speed. Human analysts average 56 minutes before reading an alert and 70 minutes investigating it — in a threat environment where AI-assisted attackers can discover and weaponize vulnerabilities in hours. The only viable response is AI-powered defense that operates at machine speed: autonomous agents that investigate, correlate, and triage at the same pace as the attack. 7AI's agentic SOC platform has completed over five million autonomous security investigations in production environments, reducing false positives by 95–99%.
Q: What is an agentic SOC? An agentic SOC is a security operations model where AI agents autonomously handle investigation, triage, correlation, and enrichment tasks — freeing human analysts to focus on strategic decisions and judgment-intensive work rather than manual alert processing. Unlike SOAR platforms that follow pre-written playbooks, agentic SOC systems like 7AI reason dynamically through each investigation.
Q: How much time do security teams have before AI cyberattacks become widespread? Based on current trajectory, less time than most organizations have planned for. Mandiant's M-Trends 2026 report shows attacker access handoffs now happen in 22 seconds — down from over eight hours in 2022. Mean time to exploit vulnerabilities has reached an estimated negative seven days, meaning exploitation routinely occurs before patches exist. Anthropic's own research team estimates models with Mythos-level capabilities could be broadly available within six to twelve months, including from ungoverned sources.