The artificial intelligence (AI) model “Mythos,” developed by Anthropic, has shocked the world with its ability to detect security vulnerabilities, a phenomenon dubbed the “Mythos shock.” In response, Amazon has introduced a new AI security tool designed to remedy security flaws. As big tech companies that have been competing over AI model performance now confront one another in the security domain, observers assess that the AI hegemony war among big tech is entering “round two.”

● From detecting vulnerabilities to applying patches… surge of AI tools targeting enterprise customers

On 17 June (local time), Amazon Web Services (AWS) unveiled “AWS Continuum,” an AI tool that remedies security weaknesses in software code. Continuum autonomously prioritizes security vulnerabilities detected in program code by risk level, verifies whether they can actually be exploited, and even generates the patches needed to fix them. Whereas earlier AI systems focused on finding security vulnerabilities, Continuum’s defining distinction is that it can also generate “security patches” for those vulnerabilities. In a security blog, AWS explained the development background, stating, “AI models such as Mythos can identify software vulnerabilities at machine speed and infer complex attack paths, causing the number of discovered security vulnerabilities to increase exponentially.”

AWS is not the only company to launch AI tools specialized in security recently. In May this year, Microsoft also released “MDASH” (Multi-model Agentic Scanning Harness), which uses multiple AI agents to detect and respond to security vulnerabilities. According to Microsoft, MDASH deploys more than 100 specialized agents that handle vulnerability discovery, verification, and proof of exploitability.

As Mythos has rapidly uncovered security vulnerabilities that humans failed to find over decades, it has exposed how existing software security systems are far from secure, quickly intensifying security concerns among enterprises. This is why AWS and Microsoft, both major players in the global cloud market, have moved faster than anyone else to roll out AI tools for security patching.

With security emerging as a critical metric in the AI enterprise market, security evaluation frameworks are drawing significant attention alongside various “benchmarks” used to assess AI computation and inference performance. According to CyberGym, a leading metric, Microsoft’s MDASH currently ranks as the most secure model, followed by Anthropic’s Mythos, OpenAI’s “GPT-5.5” and “GPT-5.4,” and China’s Zhipu AI “GLM-5.1.”

● Korean government also building defense systems as ‘security alarm’ sounds

Experts note that public infrastructure is also a primary target for cybercriminal organizations, making national-level responses to effectively defend against cyberattacks increasingly important. In this context, the Ministry of Science and ICT announced on 18 June that it had signed a memorandum of understanding (MOU) with Anthropic for cooperation on AI safety and cybersecurity. The two parties plan to analyze the impact of AI on cyber offense and defense and pursue autonomous AI agent red-team evaluations (adversarial testing to probe for vulnerabilities), among other initiatives.

The National AI Strategy Committee on the same day announced plans to flesh out institutionalization of a “Permanent Vulnerability Reporting and Remediation System.” Under this system, white-hat hackers are allowed to probe the systems of operating companies and institutions within an approved scope, report discovered security vulnerabilities, and support remediation. A pilot program is currently underway with 15 companies and institutions.

In the private sector, a total of 27 companies, including Dunamu, LG Uplus, POSCO DX, SK AX, Hyundai Motor Group, LG Electronics, the Korea Financial Telecommunications & Clearings Institute, and cybersecurity firm Theory, launched “Project Canopy” on 17 June as a cooperative body for sharing AI security technologies.

Meanwhile, the U.S. government continues to control exports of Anthropic’s “Mythos 5” and “Fable 5,” citing national security. The measure is reportedly rooted in the fact that Amazon researchers succeeded in bypassing the safety mechanisms of Fable 5—designed to prevent its misuse in cybercrime—and then notified the government of their findings.

Popular News