AI models can help discover software vulnerabilities even faster than previously expected.
In a blog post Wednesday, Lee Klarich, chief product and technology officer at Palo Alto Networks, shared PAN’s insights into how frontier AI models are impacting cybersecurity.
Palo Alto Networks is one of the few companies testing Anthropic’s Claude Mythos model as a launch partner starting April 7th. project glasswing. In addition to Claude Mythos, Klarich said the company is also testing Claude Opus 4.7 and OpenAI’s GPT 5.5-Cyber.
Palo Alto Networks released its first set of Patch Wednesday security advisories, disclosing 26 common vulnerabilities and exposures, compared to about five typically, Kralich said, noting that none of the newly disclosed vulnerabilities are currently being exploited in the wild.
Klarich cautioned that simply running either model will not automatically solve the vulnerability problem. Organizations must build “AI scanning harnesses, context, guardrails, and leveraging threat intelligence” to discover and remediate these flaws at scale. Security teams also need to develop a “multimodal approach” to identify a superset of vulnerabilities, he said.
The long-term effort is to further incorporate these models into the software development lifecycle. “This is the light at the end of the tunnel,” Kralich said in a blog post. “A future where software is secure by design.”
He warned that organizations have a narrow window of “three to five months” to gain an advantage over their adversaries, as AI exploitation is likely to become the new normal.
On Monday, researchers Google Threat Intelligence Group We reported that AI was being used to develop a working zero-day exploit. And on Tuesday, Microsoft said: 16 new vulnerabilities discovered across the company’s networking and authentication stack, including four critical remote execution flaws.
