Anthropic’s Claude Mythos looks scary strong for cybersec, but cheaper AI models may be good enough
Anthropic’s new Claude Mythos model came in with big boss energy, with claims that it can help uncover serious vulnerabilities across major browsers and operating systems. It also sits at the centre of Project Glasswing, a programme where Anthropic works with major tech companies to fix issues before the model gets wider exposure.
Sounds wild, but the latest research says the story is not as simple as “Mythos clears everyone.”
A paper from Aisle argues that while Mythos may be one of the strongest overall AI models for cybersecurity work, it is not miles ahead of the field. In some cases, cheaper and more accessible models can already do a lot of the same job.
That includes open or more affordable options such as GPT-OSS-120B, Qwen3 32B, and Kimi K2, which Aisle says were also able to detect several of the headline-grabbing flaws linked to Mythos. The bigger point from the paper is pretty straightforward: cybersecurity is not one single task.
Finding a bug, confirming it, figuring out how it could be exploited, and then helping patch it are all different stages. A model that is amazing at one part is not automatically the best at everything. Aisle’s view is that factors like cost per token, speed, and how the whole security workflow is set up matter just as much as raw model intelligence.
For teams in Malaysia and the wider SEA region, that matters a lot. Most companies here, whether they are game studios, esports platforms, app developers, or enterprise tech teams, do not have infinite budget to throw at the most premium AI stack. If lighter models can deliver most of the value for less money, that is a much more realistic path for local companies trying to improve security without burning cash.
There is another side to this, though. Research from the UK AI Security Institute (AISI) reportedly found that Mythos does pull ahead on harder cybersecurity benchmarks, especially in more complex vulnerability discovery and exploitation tasks. Part of that advantage comes from its ability to handle very large context windows, with testing going up to 100 million tokens. AISI’s view is that Mythos may improve even further if given even more inference compute.
So yes, Mythos may genuinely be elite. The problem is that elite usually means expensive.
Anthropic has not published Mythos pricing, but the Tom’s Hardware report notes that the second-best model in AISI’s testing was Claude Opus 4.6, which is already considered one of Anthropic’s pricier offerings. If Mythos ends up costing even more, companies will have to ask a very practical question: is the final performance gain worth the bill?
That question becomes even more important when uptime enters the chat. According to the report, Anthropic’s models had 98.4% uptime over the last 90 days at the time of writing. In normal consumer use, that might not sound disastrous. In enterprise cybersecurity, that is not great. The benchmark serious cloud buyers usually want is 99.99% uptime.
Why should regular readers care? Simple. Better AI security tools could help companies patch vulnerabilities faster in products people actually use every day, from game launchers and payment systems to community platforms and cloud services. But if the strongest model is too expensive or not available reliably, many teams may choose cheaper tools that are “good enough” instead.
That is why Mythos feels less like a clean knockout and more like a warning shot. Anthropic may have one of the best cyber models in the game right now, but the market is already showing that price, reliability, and workflow fit matter just as much as flashy benchmark wins.
For SEA, that is probably the real takeaway. The winner may not be the model with the loudest launch, but the one companies here can actually afford, run consistently, and deploy at scale.
Source: Tom's Hardware
