When AI finds vulnerabilities faster: What "Mythos"-like systems mean for Web Security
AI is bringing a new dynamic to IT security. Advanced systems such as Claude Mythos, which can systematically analyse large codebases, make it significantly easier to find and exploit vulnerabilities in widely used software more quickly.
This also affects widely used components on which a large part of the Internet infrastructure is based: Linux, Apache, OpenSSL, Kubernetes, PostgreSQL and many other building blocks of modern IT landscapes.
What do these "Mythos"-like tools mean for web security, API protection and defence at the edge?
Attacks are becoming faster – but not more visible
With AI-supported analysis, it can be assumed that attacker behaviour will change.
- More zero-day vulnerabilities can be discovered because AI can systematically and simultaneously analyse large codebases. This also includes complex interactions that are difficult for humans to analyse at scale.
- At the same time, the time between discovery and exploitation is shrinking. What previously consisted of several manual steps – analysis, understanding, exploit idea, adaptation and testing – can increasingly be automated or at least significantly accelerated.
- In addition, attackers can prioritise more precisely. AI can help assess which vulnerabilities are particularly attractive – for example because an affected library is widely used, because exploitation appears realistic or because the potential impact is high.
- Exploits themselves are also likely to be iterated more quickly. Variants of an attack can be generated, tested and adapted automatically until they bypass existing protection mechanisms or at least push them to their limits.
However, this does not automatically mean that every AI-supported attack will become visible as a clearly recognisable wave, as we observed with Log4Shell, for example. Such waves will continue to exist – especially when vulnerabilities or exploits become widely known and are used by many attackers at the same time.
With AI-supported analysis, however, a second dynamic is emerging: newly discovered vulnerabilities can be used in a more targeted, faster and non-public way. Anyone who finds an effective zero-day exploit with AI often has little interest in sharing it publicly.
That is why, in future, we should not only expect classic attack waves around individual known vulnerabilities, but also a more sustained increase in targeted, AI-supported attacks on different vulnerabilities and attack paths. This does not make the risk smaller, only less visible.
Why protection at the Edge remains crucial
In this environment, a Web Application Firewall remains a central component at the API layer and at the network edge. The reason is simple: many attacks still take place via standardised protocols such as HTTP. This is exactly where traffic can be centrally controlled, filtered and limited before it reaches the protected applications.
Airlock Gateway addresses this layer with several protection mechanisms:
Pattern-based rules remain relevant. They detect not only known exploits, but also generic attack patterns such as injection techniques. This means attacks on previously unknown vulnerabilities can also be blocked, provided they use typical payload structures. We know from our experience with our Bug Bounty Programme that our filters also perform robustly against AI models because they check the structure of the attack payload and not just a signature.
OpenAPI Enforcement structurally reduces the attack surface. Only requests that comply with the defined API specification are allowed. Unexpected inputs do not even reach the backend. This is not a cosmetic measure, but a clear restriction of what an attacker can try in the first place.
Virtual Patching enables a fast response to known vulnerabilities. Attacks can be intercepted through rules in the traffic without the affected application having to be adapted or patched immediately. Especially when the time between the disclosure of a vulnerability and its exploitation is shrinking, this capability is critical.
At the same time, the following applies: a WAF can protect against the exploitation of a vulnerability, but it does not fix the vulnerability directly, as it only filters incoming traffic. Attacks that bypass this path or are based on internal logic, side effects or downstream permissions cannot be fully prevented in this way.
That is why it is important to place protection mechanisms as close to the application as possible and to complement pure prevention with additional visibility and behavioural analysis.
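The OpenAPI enforcement principle described above, as an added example that is not Airlock Gateway code: a minimal allowlist check in which anything not declared in the specification is rejected before it reaches the backend. The `SPEC` dictionary, the `/orders` API and the function names are constructed assumptions standing in for a real OpenAPI document.

```python
import re

# Constructed, minimal stand-in for an OpenAPI description (hypothetical API).
SPEC = {
    ("GET", "/orders/{id}"): {
        "path": {"id": r"[0-9]{1,10}"},
        "query": {"expand": r"(items|customer)"},
    },
    ("GET", "/orders"): {
        "path": {},
        "query": {"status": r"(open|shipped|closed)", "limit": r"[0-9]{1,3}"},
    },
}

def _match_path(template, path):
    """Return {name: value} if the path fits the template, else None."""
    t_parts = template.strip("/").split("/")
    p_parts = path.strip("/").split("/")
    if len(t_parts) != len(p_parts):
        return None
    found = {}
    for t, p in zip(t_parts, p_parts):
        if t.startswith("{") and t.endswith("}"):
            found[t[1:-1]] = p          # templated segment: capture the value
        elif t != p:
            return None                 # literal segment must match exactly
    return found

def enforce(method, path, query):
    """Allow a request only if every part of it is declared in SPEC."""
    for (m, template), rules in SPEC.items():
        if m != method:
            continue
        path_params = _match_path(template, path)
        if path_params is None:
            continue
        for name, value in path_params.items():
            if not re.fullmatch(rules["path"][name], value):
                return (False, f"path parameter '{name}' violates schema")
        for name, value in query.items():
            if name not in rules["query"]:
                return (False, f"undeclared query parameter '{name}'")
            if not re.fullmatch(rules["query"][name], value):
                return (False, f"query parameter '{name}' violates schema")
        return (True, "ok")
    # Default deny: methods and paths outside the specification never pass.
    return (False, "operation not in specification")
```

The default-deny return at the end is the part that narrows the attack surface: an undeclared method, path or parameter is dropped regardless of whether its content matches any known attack pattern.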
Anomaly Detection: Friction for attackers
Machine-learning-based anomaly detection becomes particularly important in this context. It comes into play where classic rules reach their limits:
- in detecting unknown attack patterns,
- in analysing attacks with formally valid requests that bypass classic mechanisms, and
- in detecting iterative tests that, at first glance, do not necessarily look like a classic attack.
This is crucial because AI-supported attacks are usually not perfect in a single step either. A functioning exploit still requires iteration, testing and adaptation. Attackers have to try out variants, change parameters and evaluate responses.
Anomaly Detection with Airlock Anomaly Shield addresses exactly this point: it detects unusual behaviour and introduces friction into the attackers' feedback loop. Repeated and varying tests become more visible, the effort increases and the probability decreases that an attack can be optimised unnoticed until successful exploitation.
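How iterative testing with formally valid requests can stand out in traffic, as an added example: this is a simple threshold heuristic, not the machine-learning model of Airlock Anomaly Shield. The window size, thresholds, event format and sample traffic are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_S = 60          # assumed sliding window in seconds
MAX_VARIANTS = 5       # assumed limit of distinct inputs per endpoint and window
MIN_ERROR_RATIO = 0.5  # assumed share of 4xx/5xx responses that suggests probing

def find_iterating_clients(events):
    """events: (ts, client, endpoint, value, status) tuples sorted by ts.
    Returns {client: endpoint} for clients that keep varying one input
    while most of their requests end in error responses."""
    windows = defaultdict(deque)
    flagged = {}
    for ts, client, endpoint, value, status in events:
        win = windows[(client, endpoint)]
        win.append((ts, value, status))
        while win and ts - win[0][0] > WINDOW_S:
            win.popleft()                      # drop events outside the window
        variants = {v for _, v, _ in win}
        errors = sum(1 for _, _, s in win if s >= 400)
        if len(variants) > MAX_VARIANTS and errors / len(win) >= MIN_ERROR_RATIO:
            flagged.setdefault(client, endpoint)
    return flagged

def sample_events():
    """Constructed traffic: one regular user and one client iterating inputs."""
    events = []
    terms = ["shoes", "boots", "hats"]
    # Regular user: repeats a few searches, every response is 200.
    for i in range(12):
        events.append((i * 5, "203.0.113.10", "/search", terms[i % 3], 200))
    # Iterating client: each request is well-formed but carries a new value,
    # and most of them make the backend answer with an error.
    for i in range(8):
        status = 200 if i % 4 == 0 else 500
        events.append((2 + i * 4, "198.51.100.7", "/search", f"variant-{i}", status))
    return sorted(events)

if __name__ == "__main__":
    for client, endpoint in find_iterating_clients(sample_events()).items():
        print(f"review client {client}: repeated input variation on {endpoint}")
```

None of the individual requests from the second client would trip a payload rule; only the sequence (many distinct values, mostly failing, in a short window) separates it from the regular user.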
IAM limits access and damage
Alongside protection at the edge and behavioural analysis, Identity and Access Management remains a central component of defence, because even if a vulnerability is successfully exploited, access control determines how large the actual damage can become.
- Upstream authentication is particularly effective: if an application cannot be reached at all without valid authentication, the attack surface is drastically reduced. Even an AI-supported system cannot attack an application to which it has no access.
- Least privilege ensures that compromised components have only minimal permissions.
- Scopes and access restrictions prevent a successful attack from automatically spreading to other systems.
- Strong authentication and step-up mechanisms provide additional protection for particularly sensitive actions.
Especially in the case of AI-supported attacks that exploit individual vulnerabilities in a targeted way, IAM is the second line of defence. It does not necessarily prevent the first successful exploit, but it limits the damage to clearly defined areas.
AI as a tool in Software Development
AI is also a valuable tool on the defence side. As a manufacturer of WAF and IAM solutions, we use AI specifically to continuously analyse and improve our own software and typical deployment scenarios.
- AI helps to identify and fix vulnerabilities early in development.
- Security analyses become more systematic, more scalable and significantly more efficient, especially with complex codebases.
- Advanced models can also be used to simulate potential attack vectors from an attacker's perspective.
"Mythos"-like approaches are therefore not only a risk, but also an opportunity. Used correctly, they help find vulnerabilities before attackers can exploit them.
Conclusion: Speed and resilience are becoming more important
AI systems such as "Mythos" are changing the dynamics of IT security. They accelerate the discovery and potentially also the exploitation of vulnerabilities. At the same time, we should expect less in the way of broad attack waves and more targeted, difficult-to-detect attacks that are developed iteratively and continuously adapted.
For defence, this means:
- The focus is shifting from pure prevention towards speed, visibility and resilience.
- Anyone who does not use AI themselves for vulnerability discovery, code reviews and security analyses will fall behind.
- And a single protection measure is not enough: defence in depth remains central.
What is effective is the combination of fast response at the edge through WAF and Virtual Patching, structural reduction of the attack surface through API Enforcement, behavioural analysis through Anomaly Detection, targeted friction to make attack iteration harder, damage limitation through IAM, upstream authentication and Least Privilege, and proactive use of AI in one's own development.
Absolute security does not exist. That was already true before AI, and it will be no different with AI. What matters is disrupting attacks early, slowing down their development, increasing their visibility and consistently limiting their potential impact.
This is exactly where the strength of a combined defence consisting of Airlock Gateway, Airlock Anomaly Shield and Airlock IAM lies.
