Two recent reports present contrasting perspectives. One argues that security tools are failing to meet the actual needs of security teams. The other contends that the necessary tools already exist but are being poorly managed.
Cybercrime has become increasingly industrialized, posing a growing threat to cyber defenses. This trend began before ChatGPT emerged, was dramatically accelerated by the rise of artificial intelligence, and now defines what’s known as the post-Mythos era. In this landscape, defenders must significantly enhance their capabilities—or risk losing ground to adversaries. Applications have become the primary battleground. AI-powered attacks are faster, more widespread, and more sophisticated than ever, making them extremely difficult to defend against.
“AI isn’t just introducing new vulnerabilities—it’s revealing that organizations simply can’t patch known flaws quickly enough,” says Daniel Shechter, CEO and co-founder of Miggo Security. “For years, security success was measured by how effectively teams identified risks before software launched. But with frontier AI like Mythos, the critical question has shifted: If attackers can go from discovering a vulnerability to exploiting it in just hours, how long is the business left exposed—and what steps can be taken to reduce that window efficiently?”
This new reality is confirmed in the Cloud Security Alliance (CSA) State of Modern Application and AI Security report (PDF), sponsored by Miggo and released on June 2, 2026. The survey of over 900 cybersecurity leaders found that in the post-Mythos era, vulnerabilities are increasingly slipping past pre-production safeguards, while 82% of organizations lack adequate visibility into threats during runtime.
“The real challenge starts once applications are live,” Shechter adds. “Security teams must quickly assess which vulnerabilities are actually exploitable, focus on the most critical risks, and act before attackers strike.”
Most breaches stem from known vulnerabilities. In fact, 80% of surveyed companies experienced at least one incident tied to a known flaw in the past year. While these issues are typically patchable, the sheer volume in the post-Mythos era makes timely remediation overwhelming. The core problem isn’t just patching—it’s identifying which vulnerabilities are truly exploitable and require immediate attention.
Only 9% of organizations fix critical vulnerabilities within 24 hours; 74% take between one and seven days. Response time matters: Companies taking four or more days to patch had a 97% incident rate, compared to 67% for those acting within three days or less. This highlights the urgent need to accelerate patching and improve understanding of exploitability—ideally both.
The situation becomes even more pressing during runtime, often described as the “breach battlefield.” Most organizations only reconstruct what happened after an incident has already occurred. While 73% would adopt virtual patching if they could trust it to generate few false positives, only 17% have configured their web application firewalls (WAFs) for automatic blocking—with 56% citing insufficient application context as the main barrier.
Given these runtime challenges, 42% of organizations plan to boost investment in runtime monitoring and protection in the coming years. However, prevention remains the priority: 52% of security spending still goes toward pre-production measures like CI/CD pipeline protection.
The path forward is clear: better visibility into which vulnerabilities are exploitable, combined with deeper contextual understanding of applications and their impact on business continuity, would enable autonomous patching for many issues and greater confidence in automated blocking.
A separate report from FireMon Insights, also published on June 2, 2026, offers a complementary view. It suggests that concerns about automated firewall use are understandable but stem largely from insufficient human oversight. While the report focuses on firewalls broadly, its findings apply equally to WAFs.
“Technologies like Mythos are exposing an unavoidable truth: any connected system is vulnerable,” says Jody Brazil, CEO of FireMon. “As AI speeds up and scales attacks, firewalls, network segmentation, and policy governance become more crucial than ever. Our data shows most organizations still lack the operational control needed to manage security policies consistently across hybrid environments. That’s why segmentation, microsegmentation, and continuous policy governance are becoming essential for shrinking the attack surface and limiting damage.”
The report concludes that manual policy management is inefficient and allows risks to grow unchecked—driven by persistent high-severity policy failures and bloated rule sets filled with unused or redundant entries.
FireMon attributes the issue not to flawed technology but to poor human management. For example, 45% of firewall rules have no assigned owner or documentation, 17% are redundant or shadowed, and 69% are never used.
“Firewall complexity isn’t just an operational headache—it’s a control failure,” Brazil adds. “Organizations have invested heavily in firewalls, cloud platforms, and segmentation tools, but without proper policy governance, these environments become insecure by default. The problem isn’t missing tools—it’s missing operational control.”
While this points to ways to improve firewall usage, the report doesn’t address a key concern: the fear that poorly contextualized blocking rules could disrupt business operations—a central challenge in strengthening application security.
The two reports offer slightly conflicting diagnoses. The CSA report implies that current security tools fall short of delivering what teams truly need, while the FireMon report argues the tools are adequate but mismanaged.
Related: Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
Related: The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
Related: New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise
Related: Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards
