I mean, we can read the Firefox article to get some hard data on this:
* Yes, they were already finding stuff with Opus 4.6
* However, their breakdown was 1/3 traditional methods, 1/3 Mythos and 1/3 every other AI model.
To put it a different way, we now have roughly three times as many eyes rendering our bugs shallow. Or, to use the framing of the article, AI doubled the number, Mythos added another 50% on top.
This article is purely qualitative, but the quantative stuff matters.
Finding vulnerabilities everywhere doesn't need any skills and more, nor Mythos.
See https://github.com/Swival/security-audits/ for examples, which are automated security audits just made with swival.dev /audit command, and includes audits of large code bases such as the entire OpenBSD base system.
To put it a different way, we now have roughly three times as many eyes rendering our bugs shallow. Or, to use the framing of the article, AI doubled the number, Mythos added another 50% on top.
This article is purely qualitative, but the quantative stuff matters.
See https://github.com/Swival/security-audits/ for examples, which are automated security audits just made with swival.dev /audit command, and includes audits of large code bases such as the entire OpenBSD base system.