AI Identity Security: What Leaders Need to Know about Claude Mythos Preview

Since Anthropic announced Claude Mythos Preview, extensive media coverage has drawn serious questions from CISOs and identity leaders. What Mythos has demonstrated represents a genuine leap in what frontier AI models, highly powerful, general-purpose AI systems that represent the leading edge of development, are capable of, revealing new vulnerabilities and making it easier for bad actors to scale attacks and exploit security gaps in unprepared organizations.

But AI models, however powerful, are only one side of the equation.Your identity and access management (IAM) architecture, your visibility into who and what is accessing your environment, and your ability to enforce trust continuously are the other side. And they remain directly in your control.

For identity and security leaders, preparing for Mythos and the models that will follow means ensuring the fundamentals are in place: verified identity across every interaction, least-privilege access by design, continuous trust evaluation, and governance that extends to every identity type. Be it human, machine, or AI agents.

This foundation is what keeps your security posture strong as AI capabilities continue to evolve.

Claude Mythos Preview is Anthropic's most capable general-purpose model to date, trained for agentic coding, advanced reasoning, and complex multi-step execution. The cybersecurity capabilities were not an original design goal; they emerged during safety evaluation as a byproduct of those broader improvements.

During testing, Anthropic's Frontier Red Team discovered that Mythos had developed powerful offensive security capabilities. On a Firefox security benchmark used to evaluate autonomous exploit development, Anthropic's Mythos model recorded 181 successes, dwarfing the performance of its predecessor, Opus 4.6, which succeeded only twice in several hundred attempts.

Those findings are why Anthropic decided not to release Mythos publicly. Instead, they released it to a limited group of organizations under an initiative called Project Glasswing, giving partners the chance to find and fix their own vulnerabilities before the model is more broadly available.

The research findings from Anthropic's Frontier Red Team are significant, and identity leaders should understand why:

• Mythos identified previously unknown vulnerabilities across operating systems, browsers, and widely used software libraries, including a 17-year-old remote code execution vulnerability in FreeBSD's NFS server and a flaw in OpenBSD's TCP implementation dating back 27 years.

• It autonomously chained four browser vulnerabilities together to escape both the renderer and OS-level sandboxes - fully autonomously, with no human involvement after the initial prompt.

• Previous models had elements of this capability, but Mythos stands out for its speed, success rate, and how little expertise is required to produce results.

The implication is clear: the barrier to discovering and weaponizing vulnerabilities is falling. And every vulnerability that gets exploited starts with an identity - a credential, a session, a token, an API key - being used in a way it should not be.

The concerns around Mythos are valid. In the wrong hands, the model could accelerate the identification and exploitation of unknown vulnerabilities. But your ability to defend your environment does not depend on which model an attacker uses. It depends on the strength of your identity posture; your ability to verify every identity, enforce least-privilege access, and detect anomalous behavior in real time. The advent of Mythos has the potential to put a magnifying glass on any cracks in your system, making adoption of these best practices more critical than ever.

Current frontier models are already available for defense. There is no reason to wait for access to a specific model before strengthening your environment. This moment calls for preparation, not panic.

Here is what that preparation looks like in practice:

1. Make Identity Your First Line of Defense

Identity is the #1 attack vector. Over 80% of data breaches involve stolen credentials and a human element - attackers are logging in, they’re not breaking in.¹ The major breaches we’ve seen in 2026 reinforce that identity-first security is the center of gravity.

Ensure every identity in your environment, whether that’s workforce, customer, AI agent, or machine, is authenticated with strong, adaptive controls. Move beyond passwords to passwordless authentication where possible. Deploy risk-based step-up verification for high-risk actions and enforce device posture checks at every access point.

2. Extend Trust Beyond Login

Trust cannot stop at the moment of authentication. Static, session-based access was built for a slower world. AI-driven threats demand continuous, runtime verification of every action.

Implement continuous trust evaluation that adapts to context - device health, behavioral signals, location, and risk score - throughout the entire session. When confidence drops, step-up verification should trigger automatically. Every AI action is a security event. Treat it that way.

3. Govern Every Identity Type, Including AI Agents

The proliferation of AI agents across enterprise environments introduces a new class of non-human identity that most organizations are not yet governing. AI agents need their own scoped, delegated identities—not shared human credentials.

Establish means of discovering and managing the lifecycles of AI agent identities: provisioning, access delegation, continuous monitoring, and deprovisioning. Define what agents are allowed to do, enforce human-in-the-loop approval for high-risk actions, and ensure every agent action is attributable and auditable.

4. Accelerate Vulnerability Response With Identity-Based Containment

The window between disclosure and exploitation is narrowing. Mythos demonstrated the ability to go from a Common Vulnerabilities and Exposures (CVE) number to a working exploit autonomously, which means the gap between a patch being available and that vulnerability being weaponized is compressing rapidly.

Prioritize patching based on exploitability signals, like Known Exploited Vulnerabilities (KEV) and an Exploit Prediction Scoring System (EPSS), and complement traditional vulnerability management with identity-based containment: just-in-time (JIT) privileged access, automated access revocation when risk thresholds are exceeded, and micro-segmentation that limits blast radius by enforcing least-privilege at every boundary.

5. Monitor AI Usage Across Your Environment

AI adoption should continue, but not without dedicated oversight. Many organizations lack visibility into how their teams are using AI coding tools, which models are being accessed, or what code is being generated.

Implement governance controls for AI procurement and usage. Route AI telemetry through centralized monitoring. Catch vulnerabilities in the development pipeline rather than in production, because timelines are compressing and the cost of late discovery is increasing.

The capabilities demonstrated by Mythos are real. They point to how quickly AI is evolving and what it can enable on both sides of the equation.

But the factors that determine how your organization holds up have not changed:

• Verified identity across every interaction - human, machine, agent.

• Continuous trust evaluation that adapts in real time, not just at login.

• Least-privilege access enforced by policy, not by assumption.

• Detection and response at the speed these capabilities demand.

This foundation remains directly in your control, and it is what will continue to reinforce your security program as models evolve. Remember: trust cannot stop at login, and it cannot depend on a single point of failure within the identity architecture.

1. Verizon - 2025 Data Breach Investigations Report