Small models also found the vulnerabilities that Mythos found (aisle.com)

In a recent exploration of AI cybersecurity, researchers confirmed that smaller and more cost-effective models can identify vulnerabilities similarly to Anthropic's advanced model, Mythos. Anthropic had announced the Mythos Preview and Project Glasswing on April 7, showcasing its capability to autonomously detect thousands of zero-day vulnerabilities across major operating systems. Their findings included sophisticated exploit construction for vulnerabilities in Linux and browser environments. However, follow-up tests demonstrated that less sophisticated models—some costing as little as $0.11 per million tokens—were also able to detect these vulnerabilities effectively, suggesting that the performance of these AI models in cybersecurity isn’t strictly dependent on their size or sophistication. This realization is significant for the AI/ML community as it challenges the notion that only cutting-edge models can navigate the complex tasks of vulnerability detection and patching. The research highlights a "jagged frontier" in AI capabilities, where smaller models can outperform or match larger models across various tasks. This suggests that deploying multiple less expensive models for broad coverage might yield better results than relying on a single powerful model. The implication is that the economics of AI deployment in cybersecurity could shift dramatically, making it more efficient and accessible while emphasizing the importance of the systemic approach to integrating AI within security frameworks.