Inside the race to adapt to an AI-powered security world | CyberScoop<\/title> <meta name=\"description\" content=\"As advanced AI models uncover software vulnerabilities faster than teams can patch them, the race is on to secure a shifting AI-powered cybersecurity landscape.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/ai-powered-cybersecurity-mythos-xbow-agentic-pen-testing\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Inside the race to adapt to an AI-powered security world\"> <meta property=\"og:description\" content=\"As advanced AI models uncover software vulnerabilities faster than teams can patch them, the race is on to secure a shifting AI-powered cybersecurity landscape.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/ai-powered-cybersecurity-mythos-xbow-agentic-pen-testing\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-06-04T14:42:30+00:00\"> <meta property=\"article:modified_time\" content=\"2026-06-04T14:42:33+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg\"> <meta property=\"og:image:width\" content=\"2121\"> <meta property=\"og:image:height\" content=\"1414\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1778775768g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1780427069g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1775068334g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/89297\"><meta name=\"generator\" content=\"WordPress 6.8.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=89297\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fai-powered-cybersecurity-mythos-xbow-agentic-pen-testing%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fai-powered-cybersecurity-mythos-xbow-agentic-pen-testing%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-89297 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/ai-powered-cybersecurity-mythos-xbow-agentic-pen-testing\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.748711340206\">\n<div class=\"single-article__header-content\" readability=\"34.938337801609\">\n<p> AI is breaking things faster than anyone can fix them. Security leaders across the industry are racing to figure out what comes next. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/89297\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg 2121w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"110.90049152897\"><body readability=\"224.33150470219\"><\/p>\n<p>Troy West was in Warsaw when his dinner was interrupted by his phone. But he was happy about it.<\/p>\n<p>West, associate director of cybersecurity for autonomous offensive security company XBOW, had just learned that a trial version of the company\u2019s platform had found a vulnerability that led to a full takedown of a development environment used by Moderna, the pharmaceutical company primarily known for its work related to mRNA vaccines.<\/p>\n<p>It was, by most measures, exactly the kind of outcome a security team dreads. But for West and Farzan Karimi, Moderna\u2019s deputy CISO, it was something closer to a proof of concept. XBOW\u2019s product had done in hours what a human <a href=\"https:\/\/cyberscoop.com\/tag\/penetration-testing\/\">penetration tester<\/a> could not \u2014 and it had done so with a level of persistence and creativity that neither of them had fully anticipated.<\/p>\n<p>The episode is one data point in a much larger shift now rippling through the cybersecurity industry: The <a href=\"https:\/\/cyberscoop.com\/tag\/artificial-intelligence-ai\/\">artificial intelligence<\/a> models discovering <a href=\"https:\/\/cyberscoop.com\/tag\/vulnerabilities\/\">vulnerabilities<\/a> are moving faster than the teams that have to patch them.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Across recent conversations and presentations, industry experts said the tools are getting sharper, the attack surface is getting larger, and the gap between finding a problem and fixing it is not closing fast enough. For now, most organizations are caught between the speed of discovery and the slowness of remediation, with vendors across the industry rushing to position their products as the way through.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-a-shift-in-scale-nbsp\">A shift in scale <\/h4>\n<p>The inflection point came with <a href=\"https:\/\/cyberscoop.com\/tag\/mythos\/\">Claude Mythos<\/a>. When <a href=\"https:\/\/cyberscoop.com\/tag\/anthropic\/\">Anthropic<\/a> announced the highly guarded model, security executives at major enterprise technology companies took notice in a way they had not with prior frontier releases. <\/p>\n<p>Zscaler was among the early organizations given access to the model, and CEO Jay Chaudhry told CyberScoop that he directed his team to use it to probe the company\u2019s own applications.<\/p>\n<p>\u201cAre we finding some serious stuff? Yes, indeed,\u201d Chaudhry told CyberScoop at <a href=\"https:\/\/cyberscoop.com\/tag\/gartner\/\">Gartner<\/a>\u2019s Security & Risk Management Summit. He was careful to note that the findings were not necessarily more severe than those produced by other models. The issue, he said, was volume. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThere aren\u2019t enough resources and cycles to fix all those,\u201d he said. <\/p>\n<p>The reason Mythos changed the calculus, according to Tom Gillis, general manager for infrastructure and security products at <a href=\"https:\/\/cyberscoop.com\/tag\/cisco\/\">Cisco<\/a>, comes down to code complexity. Legacy network infrastructure was built on tens of millions of lines of code developed over decades, and earlier AI models lacked the context window and reasoning capacity to comprehend it in full.<\/p>\n<p>\u201cThe models couldn\u2019t understand the entirety of it before,\u201d he told CyberScoop. \u201cNow they can. That\u2019s why they\u2019re finding all these vulnerabilities.\u201d<\/p>\n<p>The problem runs deeper than application code. Firewalls and network switches often run for decades without updates or reboots, and many have never been <a href=\"https:\/\/cyberscoop.com\/tag\/patching\/\">patched<\/a> in any meaningful way. The combination of aging infrastructure and newly capable AI models has created what Gillis described as a meaningful and accelerating shift in attacker capability that the industry\u2019s existing operational rhythms were not built to absorb.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-an-opportunity-in-existing-technology-nbsp\">An opportunity in existing technology <\/h4>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Cisco\u2019s answer to the oncoming vulnerability deluge is a technology it calls Live Protect, a compensated control built on <a href=\"https:\/\/ebpf.io\/\">eBPF<\/a>, a Linux feature that lets security software operate at the kernel level to block threats without rewriting system code.<\/p>\n<p>\u201cIt\u2019s a pinpoint, laser-fine control that can shield a vulnerability on a production system,\u201d Gillis said. \u201cWe\u2019re not touching or modifying the binaries of that production system.\u201d<\/p>\n<p>The intent is to shrink the window between discovering a vulnerability and the next scheduled patch, allowing IT teams to fix issues without taking systems offline.<\/p>\n<p>\u201cThis is a finger in the dike that plugs a hole until you get to new change control windows,\u201d he said, acknowledging that some customers may be tempted to treat the shields as a permanent solution. <\/p>\n<p>The product has been shipping since October, but customer urgency shifted noticeably after Mythos. \u201cCustomers are like, \u2018Oh, good story, Tom. I\u2019ll think about it.\u2019 Now it\u2019s like, \u2018Oh my God, turn this thing on right now.\u2019\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>He also noted that eBPF is open source, and said he expects the broader industry to follow. <\/p>\n<p>\u201cWhile I\u2019m very proud of Cisco leading the market with these compensated controls, I know my competitors have to do this.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-the-bot-that-broke-everything-nbsp\">The bot that broke everything <\/h4>\n<p>But shielding vulnerabilities only works if you know they exist. Karimi, the Moderna deputy CISO, faced a different problem: His vulnerability management system was surfacing hundreds of high-severity findings with no reliable way to know which ones an attacker could actually exploit. His team had skilled red-teamers, but they were finite resources. What he needed was something that could test continuously, everywhere.<\/p>\n<p>\u201cWe have some very senior red-teamers and pen-testers in our organization that are pointed in a specific direction,\u201d Karimi said during a presentation at the Gartner summit. \u201cXBOW is covering different attack stories for us.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>West, who leads offensive security for <a href=\"https:\/\/cyberscoop.com\/tag\/xbow\/\">XBOW<\/a>, describes the platform as a response to a structural problem in how offensive security has traditionally worked. Human testers scope an engagement, run it, write a report, and move on. The window between tests is where risk accumulates.<\/p>\n<p>\u201cHistorically you have exploit developers spending time finding the right vulnerabilities, writing the exploits, finding if those exploits are reachable, and then finding a way to chain them all together,\u201d West said. \u201cThat takes a long time.\u201d<\/p>\n<p>Given the realities, Karimi decided to put XBOW through a trial, which produced two notable findings.<\/p>\n<p>In the first, XBOW identified a web application firewall bypass on a company application built on the Spring Boot framework. The bypass involved encoding a single character (a capital \u201cA\u201d) as its percent-encoded URL equivalent (A), which the WAF interpreted as a legitimate request, allowing the bot unfettered access. <\/p>\n<p>The second finding, which was the cause for West\u2019s dinner interruption, was more consequential. West had provided XBOW with access to the source code of an internal application called Orders, used by Moderna\u2019s research partners to procure drug substances, but no login credentials. The platform identified a valid API key embedded in the source code, used it to authenticate, and then began probing the application\u2019s APIs for SQL injection vulnerabilities.<\/p>\n<p>What happened next was not entirely planned. One of those APIs handled a malformed SQL injection attempt in an unexpected way, dumping garbage data into a shared routing application that other services depended on.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cNot only was it able to kick that Orders app I showed you, but it somehow kicked over the entire ecosystem of apps,\u201d West said.<\/p>\n<p>Human pen-testers who reviewed the findings afterward confirmed they were valid, and said they would not have found them on their own. Karimi said despite the outage, his team recognized the value immediately.<\/p>\n<p>\u201cIf we\u2019re able to demonstrate where you could have an outage in a safe testing environment, that\u2019s a great signal,\u201d he said.<\/p>\n<p>The broader value, Karimi argued, is in forcing prioritization when bugs are discovered. \u201cIf you have exploit proofs, you can provide that plus-one modifier and really point your developers to remediate the top tier of real risk that\u2019s been validated.\u201d<\/p>\n<p>But he does worry about the volume of bugs that will be surfaced by these tools. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cHow do we now handle the volume of bugs that have gone up due to AI-driven scale?\u201d he said. \u201cThat\u2019s a whole other problem space.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-a-broader-reckoning\">A broader reckoning<\/h4>\n<p>Across these conversations, a consistent theme was that even as defenders are trying to get arms around the forthcoming wave of bugs, it\u2019s going to be a tremendously uphill battle. That mirrors what some of the industry\u2019s top leaders have been saying for months. <\/p>\n<p>It also mirrors what the model developers themselves have consistently been warning about. In its announcement about expanding access to Mythos, Anthropic admitted the timeline for a publicly available tool similar to its cybersecurity-focused model is shortening, and there are no guarantees it will be released with safeguards. <\/p>\n<p>\u201cIn that world, cyberattacks could occur much more often, and in much more unpredictable forms,\u201d the blog post reads.<\/p>\n<p>Gillis was blunter about what happens to organizations that don\u2019t move. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cSome people will be slow to change,\u201d he said. \u201cBut the consequence of not making that change is gonna be front-page news. It\u2019s a massive, massive compromise. You know, like, \u2018you gave up every credit card number.\u2019 Bummer.\u201d<\/p>\n<p> <\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.6844197138315\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/06\/inside-the-race-to-adapt-to-an-ai-powered-security-world-1.jpg?w=640&ssl=1\" alt=\"Greg Otto\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Greg Otto<\/h4>\n<p> Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/ai-powered-cybersecurity-mythos-xbow-agentic-pen-testing\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Inside the race to adapt to an AI-powered security world<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[235,2381,384,1764,78,6824,4135,6410,2797,6331,643,6704],"tags":[236,2384,388,1769,86,6825,4139,6412,2801,6336,645,6706],"class_list":["post-8717","post","type-post","status-publish","format-standard","hentry","category-ai","category-anthropic","category-artificial-intelligence-ai","category-cisco","category-cybersecurity","category-ebpf","category-gartner","category-mythos","category-penetration-testing","category-project-glasswing","category-vulnerabilities","category-xbow","tag-ai","tag-anthropic","tag-artificial-intelligence-ai","tag-cisco","tag-cybersecurity","tag-ebpf","tag-gartner","tag-mythos","tag-penetration-testing","tag-project-glasswing","tag-vulnerabilities","tag-xbow"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ai\/\" rel=\"category tag\">AI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/anthropic\/\" rel=\"category tag\">Anthropic<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/artificial-intelligence-ai\/\" rel=\"category tag\">artificial intelligence (AI)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cisco\/\" rel=\"category tag\">Cisco<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ebpf\/\" rel=\"category tag\">ebpf<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/gartner\/\" rel=\"category tag\">Gartner<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/mythos\/\" rel=\"category tag\">Mythos<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/penetration-testing\/\" rel=\"category tag\">penetration testing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/project-glasswing\/\" rel=\"category tag\">Project Glasswing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/vulnerabilities\/\" rel=\"category tag\">vulnerabilities<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/xbow\/\" rel=\"category tag\">XBOW<\/a>","tag_info":"XBOW","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8717","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8717"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8717\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8717"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8717"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8717"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8717,"date":"2026-06-04T09:42:30","date_gmt":"2026-06-04T14:42:30","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=89297"},"modified":"2026-06-04T09:42:30","modified_gmt":"2026-06-04T14:42:30","slug":"inside-the-race-to-adapt-to-an-ai-powered-security-world","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/06\/04\/inside-the-race-to-adapt-to-an-ai-powered-security-world\/","title":{"rendered":"Inside the race to adapt to an AI-powered security world"},"content":{"rendered":"