Will It Mythos?
Key takeaways
- OK, so Mythos finds really challenging security bugs, right?
- But, are they telling the truth about how good it is at finding security vulnerabilities or is it just more hype?
- A while back, I built a tool to automate bug hunting in my own projects called Nelson, and I d already noticed there are surprising differences in the various models and how effectively they identify bugs.
OK, so Mythos finds really challenging security bugs, right? That s why it s cordoned off from the hoi polloi, to protect the world from such a powerful finder of exploits.
I am skeptical of the reasons given publicly, I suspect it s really just so much more expensive to operate than their current models that they don t want to offer it broadly, yet, given the difficulty they ve had growing capacity to keep up with use. But, are they telling the truth about how good it is at finding security vulnerabilities or is it just more hype?
A while back, I built a tool to automate bug hunting in my own projects called Nelson, and I d already noticed there are surprising differences in the various models and how effectively they identify bugs. But, I wanted hard numbers. So, I (actually mostly Claude) cooked up a benchmark suite that borrows some code from Nelson.