TL;DR

Claude Mythos shows that frontier AI models can find novel software exploits faster than vendors can patch them, and open-weight equivalents without safety guardrails are already in the wild. Detection rules can't catch what has no signature, but every attacker still has to do something once they're inside. An AI SOC that investigates every alert end-to-end, treats it as a true positive until proven otherwise, and runs proactive threat hunts is how defenders stay ahead.

In light of the recent news about Claude Mythos, customers have started to reach out with both general and board-level questions about Mythos and what AI-augmented attacks mean for Dropzone's current product and roadmap. The good news is that Dropzone's architecture is already built for exactly this scenario.

Why Claude Mythos matters for the AI SOC

A quick summary of Claude Mythos: Anthropic is releasing a model it claims is so good at finding exploits that it had to give it away to top cybersecurity companies (CrowdStrike, Palo Alto Networks, etc.) ahead of the public release, so they could test their own products against it, find novel security vulnerabilities, and patch them before Mythos reached the public.

While Anthropic has chosen to gate Mythos behind Project Glasswing and restrict public access, that restraint won't last industry-wide. Other frontier labs are closing the gap fast, and open-weight models, which can be downloaded, run privately, and stripped of any safety guardrails, are already proliferating.

Within days of Google releasing Gemma 4 in early April, uncensored variants were appearing on public repositories. The question isn't whether less restricted models with similar capabilities will exist. It's when.

While the top cybersecurity and infrastructure companies will have patched their most recent releases by the time Mythos is released to the public, there are still major gaps:

  • If Mythos is as powerful as Anthropic claims, then companies like Palo Alto Networks, CrowdStrike, or Microsoft may still miss something that attackers will be able to exploit
  • There are tons of other companies that will not have had the opportunity to test their bespoke software against Mythos
  • These fixes still require patching by end users, which, as we know, can take days, weeks, or even months
  • Models with similar capabilities but no safety restrictions or coordinated disclosure commitments are already emerging, and adversaries using them won't give defenders any head start at all

This is where the investigation layer becomes critical.

How an AI SOC exposes the undetectable

In my last Dropzone blog post, I talked about how Dropzone was able to escalate a suspicious defender alert to the top of the investigation queue, ultimately alerting the customer to the Axios supply chain attack. Dropzone was able to do this because it looks at every alert like a skilled human analyst and is not reliant on detections or behavior analysis to come to its verdict. The same will be true in the future with zero-days exploited by Mythos: the traditional tooling will miss the severity of the initial action, but there will still be breadcrumbs to follow.

Mythos will unleash a flood of zero-days, both across companies that do not use the products of the few vendors who got early access and in anything that slipped through the cracks during those vendors' head start on testing. This is inevitable. Timelines for exploitation of newly disclosed vulnerabilities will compress dramatically.

However, once attackers are in, they'll still have to do something. Running a complete investigation on every alert will become even more critical as connecting the dots at scale becomes the name of the game. A seemingly low-priority alert may be hinting at something far more nefarious.

Dropzone runs full end-to-end investigations on every alert from any system, asks questions like an elite analyst, and can query both the included threat intelligence and any system you give it access to for evidence about the alert. So let's walk through what this looks like in practice.

What an AI-augmented attack looks like in practice

Our attacker isn't a nation-state or elite red team. They're a moderately skilled actor who, until recently, wouldn't have had the capability to pull off what comes next.

Our attacker uses an advanced LLM to gain initial access. The LLM exposes a unique zero-day via vulnerability chaining to get access to a vulnerable system.

Because the entry was achieved through a novel exploit with no known signature, traditional detection methods have nothing to report on: no matching rule, no anomalous behavior to be picked up. The attacker is already inside before any tool has registered that something happened.

However, once in, the attacker needs to pull down their tooling and abuse a native OS binary to cover their footprints. The EDR pops an alert on suspicious process execution of a legitimate system binary, certutil.exe.

It's the kind of alert that gets deprioritized constantly. Certutil and similar binaries generate false positives all the time in enterprise environments, and admins use them legitimately.

This is the kind of alert that will sit at the bottom of a queue for hours while an attacker is doing real harm.

However, Dropzone investigates every alert as it comes in, treating each one as a true positive until proven otherwise.

What questions does an AI SOC ask during an alert investigation?

Dropzone asks an array of questions over the course of the investigation. In the case of our suspicious process, it might ask:

  • What's the full command line and process tree?
  • Has this host shown any other low- or medium-severity alerts in the last 48 hours that were individually dismissed?
  • Is the destination IP/domain in any threat intel feeds, and if not, when was it registered and does it have any other characteristics of attacker infrastructure?

To answer these questions, it relies on its ability to collect evidence from different sources. For any system involved in this alert, or any data lake containing valuable information, Dropzone can create a query on the fly to answer these questions.

These queries aren't hard-coded by the humans behind the curtain. We teach Dropzone to be an expert query writer and give it tips, but the queries are flexible and dynamic.

The answers come back and they aren't looking good:

  • Process tree looks automated. The certutil call wasn't launched by a user clicking something. It was spawned by cmd.exe, which was spawned by wmiprvse.exe (WMI provider), which means something executed it remotely.
  • Other dismissed alerts on the same host. There was a failed login alert 6 hours ago that was closed as routine, and a new scheduled task creation 2 hours ago that was classified low severity.
  • Destination is suspicious infrastructure. The domain was registered 9 days ago, is hosted on a VPS provider popular with threat actors, has no legitimate web content, and doesn't appear in any threat intel feeds yet.

With this evidence (and much more), Dropzone is able to confirm that this alert is a true positive and needs urgent attention. Dropzone alerts the relevant humans with a fully investigated alert.
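The three investigation questions and their findings above, worked as an added example (this is not Dropzone's code or queries and is not from the original post). The telemetry, field names, host names and domain are constructed, and the 30-day domain-age cutoff and the two-finding escalation threshold are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample telemetry; field names, hosts and the domain are assumptions.
NOW = datetime(2026, 1, 10, 12, 0)
PROCS = {100: ("wmiprvse.exe", 1), 200: ("cmd.exe", 100), 300: ("certutil.exe", 200),
         400: ("explorer.exe", 1), 500: ("certutil.exe", 400)}  # pid -> (image, parent pid)
ALERTS = [
    {"host": "ws-042", "name": "failed login", "severity": "low",
     "status": "closed", "time": NOW - timedelta(hours=6)},
    {"host": "ws-042", "name": "scheduled task created", "severity": "low",
     "status": "closed", "time": NOW - timedelta(hours=2)},
    {"host": "ws-042", "name": "failed login", "severity": "low",
     "status": "closed", "time": NOW - timedelta(hours=72)},  # outside the 48 h window
]
DOMAIN = {"name": "cdn.example.test", "registered": NOW - timedelta(days=9),
          "in_threat_intel": False}
REMOTE_PARENTS = {"wmiprvse.exe"}  # WMI provider host: a child implies a remote launch

def ancestry(pid, procs):
    """Image names from the alerted process up to the root; stops if a pid repeats."""
    chain, seen = [], set()
    while pid in procs and pid not in seen:
        seen.add(pid)
        image, pid = procs[pid]
        chain.append(image.lower())
    return chain

def dismissed_alerts(alerts, host, now, window=timedelta(hours=48)):
    """Closed low/medium alerts on the same host inside the look-back window."""
    return [a for a in alerts
            if a["host"] == host and a["status"] == "closed"
            and a["severity"] in ("low", "medium") and now - window <= a["time"] <= now]

def triage(pid, host, domain, procs=PROCS, alerts=ALERTS, now=NOW):
    """Collect independent findings; two or more escalates (threshold is an assumption)."""
    findings = []
    chain = ancestry(pid, procs)
    if REMOTE_PARENTS & set(chain[1:]):  # only ancestors count, not the process itself
        findings.append("remote lineage: " + " <- ".join(chain))
    prior = dismissed_alerts(alerts, host, now)
    if prior:
        findings.append("prior dismissed alerts: " + ", ".join(a["name"] for a in prior))
    age = now - domain["registered"]
    if age <= timedelta(days=30) and not domain["in_threat_intel"]:  # 30 days: assumption
        findings.append(f"{domain['name']} registered {age.days} days ago, not in intel feeds")
    return ("escalate" if len(findings) >= 2 else "needs more evidence"), findings

if __name__ == "__main__":
    print(triage(300, "ws-042", DOMAIN))
```

No single finding is conclusive here; the verdict comes from independent weak signals agreeing, which is why the same certutil.exe launched from explorer.exe on a quiet host does not escalate.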

Analysts can skip the hour of manual triage and go straight to response:

  • Isolate the host
  • Block the command and control infrastructure
  • Start scoping the blast radius across the environment

These responses can be done directly from the Dropzone console or fed into a SOAR tool.

How do you find compromises when there's no visible source?

But there's still an open question in this scenario. The analyst has a confirmed compromise and a contained host, but they don't know how the attacker got in.

The initial entry point is invisible. There's no alert that explains it. That's what a zero-day looks like from the defender's side: post-compromise activity with no visible source.

This surfaces a harder problem: how do you proactively find whether you've already been compromised, and where your weak points are? As AI-generated exploits compress attack timelines, proactive hunting becomes table stakes.

When novel zero-days are the entry vector, you can't rely on detection rules to trace the origin. You have to go looking. Historically, that meant a dedicated threat hunting team or an MDR contract, and most organizations don't have those resources.

Why proactive AI threat hunting is now table stakes

Dropzone's AI Threat Hunter, entering beta soon, is built to close this gap. Threat Hunter runs proactive, AI-driven hunts across your environment around the clock, building novel hunts as new threat intelligence emerges, whether the attack vector is AI-generated or not.

It does two things well:

  • Finds attack vectors and delivers actionable recommendations to close them
  • Surfaces issues like visibility gaps, misconfigurations, vulnerabilities, and policy violations

As the bar for launching novel attacks gets lower, Dropzone AI Threat Hunter brings the bar for threat hunting down to match.

Frequently asked questions

What is Claude Mythos?

Claude Mythos is an Anthropic model designed to find software exploits at frontier capability. Anthropic limited initial access to top cybersecurity vendors so they could harden their products before public release. Project Glasswing reflects coordinated disclosure, but similar capabilities will soon appear in less restricted forms, including open-weight models without safety guardrails, removing any head start defenders had.

What is an AI SOC and how is it different from a traditional SOC?

An AI SOC is a security operations model where AI agents investigate alerts, run threat hunts, and respond around the clock. Traditional SOCs depend on detection rules, signatures, and behavior analysis to flag what's suspicious. An AI SOC reasons like an analyst, queries systems on demand, and treats every alert as a possible true positive until evidence proves otherwise.

How do AI-augmented attacks change defense priorities?

AI-augmented attacks compress the time between vulnerability discovery and mass exploitation. Traditional detection misses novel zero-days because there's no signature to match. The defense priority shifts from blocking initial access to investigating every alert end-to-end, correlating low-severity signals across hosts, and proactively hunting for compromises before they escalate into full incidents.

What is vulnerability chaining?

Vulnerability chaining is when an attacker combines multiple lower-severity flaws to achieve a serious outcome, like full system access. AI models accelerate this by mapping flaw relationships at machine speed. The resulting exploit often has no signature in any threat intel feed, which means initial access leaves no detectable trace and defenders must rely on post-compromise investigation to catch it.

How does Dropzone AI investigate an alert end-to-end?

Dropzone's AI agents pull process trees, correlate dismissed alerts on the same host, query threat intel feeds, and check destination infrastructure. They ask the questions a senior analyst would ask, write queries dynamically against any connected system, and deliver fully investigated alerts so analysts can skip manual triage and move straight to containment and response.

Ethan Packard
Technical Marketing Engineer

Technical marketing leader with 10+ years across SOC operations, SOAR, SIEM, and AI-driven security platforms. Proven ability to translate deep hands-on expertise into demos, technical content, enablement assets, and competitive narratives that accelerate sales, influence product direction, and resonate with security practitioners. Background spans startup → acquisition → the leading cybersecurity companies with direct ownership of demos, videos, POC guides, and field-facing content for enterprise and mid-market buyers.
