When Anthropic revealed Claude Mythos — a model that can locate and exploit zero-day vulnerabilities across essentially every major operating system and web browser at industrial speed — the security industry reacted with something close to panic. And the panic is understandable. Mythos was withheld from public release specifically because of its offensive capability. Meanwhile, real AI-orchestrated intrusions are already happening: campaigns where 80–90% of the operation — reconnaissance, vulnerability discovery, exploitation, lateral movement, exfiltration — runs autonomously, at a speed no human red team can match.

The instinct everywhere is the same: patch faster. Find your vulnerabilities before the AI does. Close them before it gets there.

That's a race you cannot win. An adversary running a Mythos-class model finds and weaponizes flaws faster than any patch cycle. If your defense depends on being faster than the machine at fixing exposed weaknesses, you have already lost.

But there's a different question worth asking — the one AppGate customers answered years ago.

Every exploit begins with reconnaissance

Strip an AI-driven attack down to its skeleton and the first step never changes: the attacker has to find a target it can reach. Before Mythos can exploit a service, it has to see the service. It scans. It maps ports. It fingerprints what's listening. Only then does its real talent — finding and chaining vulnerabilities — come into play.

That reconnaissance step is the load-bearing assumption under every automated attack. And it's exactly the assumption that infrastructure cloaking removes.

What cloaking actually does

AppGate ZTNA is built on Single Packet Authorization (SPA). Every internet-facing resource — gateways, controllers, the applications behind them — stays completely invisible until the network receives a single, cryptographically valid packet. Only a client that has been seeded with the right cryptographic secret can generate that packet. Everything else is met with silence.

To a port scanner, there is nothing there. No open ports. No banner to fingerprint. No listening service to probe. The infrastructure is dark.

This is the fundamental reason AppGate is not a VPN. A VPN — even a "secure" one — still exposes a listening endpoint to the entire internet. That endpoint is a target: something to scan, fingerprint, and attack. It's precisely the kind of exposed surface a Mythos-class model eats for breakfast. SPA leaves no such door. There's nothing to knock on because, to an unauthorized scanner, the wall isn't even there.

Now point the AI at a cloaked network

Give a Mythos-class attacker the most capable vulnerability-hunting engine ever built and aim it at a network protected by SPA. The attack begins the only way it can — with reconnaissance. The scan goes out.

And nothing comes back.

There are no services to enumerate, no versions to fingerprint, no exposed endpoints to test exploits against. The AI's defining strength — finding and exploiting reachable weaknesses at machine speed — has nothing to act on, because there is nothing reachable to find. You cannot exploit what you cannot see. The exploit chain dies at step zero, before the model's brilliance is ever brought to bear.

The AppGate customer didn't have to out-patch the machine. They removed the surface the machine depends on.

Cloaking isn't a force field — and that's the point

Let's be honest about what cloaking does and doesn't do, because overselling it would be its own kind of failure.

Cloaking removes your exposed, internet-facing reconnaissance and exploitation surface — the single most valuable thing to an automated attacker. What it doesn't do is make you immune to everything. A convincing phishing email can still land. An insider can still turn. A poisoned dependency can still slip into your supply chain. Those paths don't start with an internet scan, so cloaking alone won't stop them.

That's why Zero Trust doesn't end at the cloak — it's the first layer, not the only one:

Assume breach. Verify everything. Cloak what you can, and contain what gets through.

Ready before it had a name

The unsettling truth about Mythos is that it didn't introduce a new kind of attack — it industrialized an old one. Reconnaissance, vulnerability discovery, exploitation, lateral movement: the playbook is decades old. Mythos just runs it at a speed and scale that makes "patch faster" a fantasy.

Which means the defense was never going to be a faster patch cycle. It was going to be an architecture that denies the playbook its first move. Customers who deployed cloaked, identity-driven Zero Trust access weren't preparing for Mythos specifically. They were removing their exposed attack surface as a matter of principle — and in doing so, they were ready for Mythos before it had a name.

The question isn't whether the machines will get faster at finding exposed weaknesses. They will. The question is whether you'll still be exposed when they do.


Curious where you stand? Take the 2-minute Zero Trust readiness quiz, or see what cloaked ZTNA + SentinelOne costs — bundled, and less than buying either alone.