Sunil

161 posts

@sunilgot

Cofounder @averlon_ai, cloud security. Prev: Microsoft & Salesforce

Joined July 2010
536 Following, 76 Followers
Sunil reposted
Averlon @Averlon_ai
Three incidents. Three companies. One underlying pattern.

Vercel. Lovable. Vimeo. In each case, the breach wasn't in the target's own code. It was in a third-party tool with token-based access into connected environments. Once the token was compromised, the blast radius was defined by what that token was allowed to do.

Initial access sets the entry point. Entitlements set the blast radius.

In practice: service principals accumulate permissions. Third-party integrations inherit broad access. Tokens sit dormant until they don't. When something goes wrong, permissions decide how bad it gets. averlon.ai/blog/when-perm…
Sunil reposted
Averlon @Averlon_ai
Claude Mythos readiness conversations don't start with AI. They start with remediation and response readiness.

The first vulnerabilities surfaced at scale likely won't be in proprietary code. They'll be in the vendor software and open-source components organizations already depend on. As Sunil Gottumukkala (@sunilgot) put it, the real readiness questions are simpler:
• Can you remediate critical systems in near real time?
• Can you assess exploitability in your own environment?
• Do you have a complete software inventory, including dependencies?
• Can your team sustain a surge in remediation and malicious activity?
• Do you have pre-authorized containment actions?
Most organizations haven't pressure-tested these. That's where readiness starts. More here: secureworld.io/industry-news/…
Sunil reposted
Averlon @Averlon_ai
Most AI agents judge findings one at a time. Security risk often doesn't work that way. Take a distributed storage system deployed across worker nodes in Kubernetes. Each node may show the same misconfigurations: permissive security contexts, host-path mounts, and broad capabilities. Viewed in isolation, each looks like a separate problem. But those findings stem from a shared operational cause. The software legitimately requires elevated privileges, and that context should carry across every node running it. Without joint evaluation, an agent may accept the pattern on one node and flag the identical pattern as dangerous on another. Same environment. Same pattern. Different verdict. That’s the consistency problem. Sahil Garg (@sahil_garg_cs) and Vishal Agarwal (@vishalagarwa6c) address it with Judge Agent Forest (JAF): cohort-based reasoning instead of isolated judgment. Read the paper and blog: averlon.ai/blog/why-agent…
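An added example of the consistency problem the post above describes: the same privileged storage daemon on every worker node, judged once per finding versus once per cohort. This is illustration code, not the Judge Agent Forest implementation from the paper or any Averlon code; the findings, the node labels, the allow-list and the per-node exception rule are all constructed for the example.

```python
"""Isolated vs cohort-based judgment of Kubernetes findings.

Added illustration of the consistency problem; not the JAF implementation
from the paper. Findings, node labels and the allow-list are constructed.
"""
from collections import defaultdict

# Constructed findings: same daemon, same image, same elevated settings,
# one pod per worker node.
FINDINGS = [
    {"id": "f1", "node": "worker-1", "owner": "DaemonSet/ceph-osd",
     "image": "ceph:v18", "privileged": True, "host_path": "/var/lib/ceph"},
    {"id": "f2", "node": "worker-2", "owner": "DaemonSet/ceph-osd",
     "image": "ceph:v18", "privileged": True, "host_path": "/var/lib/ceph"},
    {"id": "f3", "node": "worker-3", "owner": "DaemonSet/ceph-osd",
     "image": "ceph:v18", "privileged": True, "host_path": "/var/lib/ceph"},
]

# Constructed per-node context: worker-3 was added later and never got the
# label the isolated judge relies on.
NODE_LABELS = {
    "worker-1": {"storage-role": "osd"},
    "worker-2": {"storage-role": "osd"},
    "worker-3": {},
}

# Constructed allow-list of workloads known to legitimately need privileges.
KNOWN_PRIVILEGED_OWNERS = {"DaemonSet/ceph-osd"}


def _elevated(f):
    return f["privileged"] or f["host_path"] is not None


def isolated_verdict(f):
    """Judge one finding using only its own node's context (the failure mode)."""
    labels = NODE_LABELS.get(f["node"], {})
    if _elevated(f) and labels.get("storage-role") == "osd":
        return "accept: storage node runs privileged daemon"
    if _elevated(f):
        return "flag: privileged workload with host mount"
    return "accept"


def cohort_verdicts(findings):
    """Group by owning workload and image, decide once, apply to every member."""
    cohorts = defaultdict(list)
    for f in findings:
        cohorts[(f["owner"], f["image"])].append(f)

    verdicts = {}
    for (owner, image), members in cohorts.items():
        nodes = sorted({m["node"] for m in members})
        # A justification found on any member (allow-list or node label) is an
        # operational fact about the workload, so it carries across the cohort.
        justified = owner in KNOWN_PRIVILEGED_OWNERS or any(
            NODE_LABELS.get(m["node"], {}).get("storage-role") == "osd"
            for m in members
        )
        if any(_elevated(m) for m in members):
            if justified:
                v = f"accept: {owner} ({image}) requires elevated privileges on {nodes}"
            else:
                v = f"flag: {owner} ({image}) privileged on {nodes}; review the workload once"
        else:
            v = "accept"
        for m in members:
            verdicts[m["id"]] = v
    return verdicts


def is_consistent(verdicts, findings):
    """True when every finding in the same cohort received the same verdict."""
    by_cohort = defaultdict(set)
    for f in findings:
        by_cohort[(f["owner"], f["image"])].add(verdicts[f["id"]])
    return all(len(vs) == 1 for vs in by_cohort.values())


if __name__ == "__main__":
    isolated = {f["id"]: isolated_verdict(f) for f in FINDINGS}
    cohort = cohort_verdicts(FINDINGS)
    print("isolated consistent:", is_consistent(isolated, FINDINGS))  # False
    print("cohort consistent:  ", is_consistent(cohort, FINDINGS))    # True
```

The isolated judge accepts f1 and f2 and flags f3 because the only context it sees is the node in front of it. The cohort judge keys on the workload, so a single decision and a single justification cover all three nodes, and a workload that is not on the allow-list and has no label anywhere is flagged once rather than once per node.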
Sunil reposted
Averlon @Averlon_ai
The Vercel - Context.ai incident came down to a misconfiguration. A third-party AI tool an employee connected to their Google Workspace account had its OAuth token compromised. The attacker used that token to pivot into Vercel’s environment. What’s worth paying attention to is what broad OAuth access can expose: source code, credentials in .env files, architecture documents. Together, that can give a clear picture of how a system is put together and how to move through it. It’s not just about whether something is exposed. It’s about what that access enables. Vishal Agarwal (@vishalagarwa6c) breaks it down: averlon.ai/blog/what-the-…
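An added example of the entitlement review the two Averlon posts above (blast radius of a compromised token, and what broad OAuth access exposes) argue for: enumerate what each third-party grant can reach, flag grants that reach pivot material, sit dormant, or carry scopes the app never exercises. This is illustration code, not Averlon's; the scope names, the scope-to-data mapping, the grant records and the usage log are all constructed, and real scope strings and what they expose come from the identity provider's documentation.

```python
"""Entitlement review of third-party OAuth grants: what a stolen token reaches.

Added illustration, not Averlon's code. Scope names, the scope-to-data
mapping, the grants and the usage log are constructed for the example.
"""
from dataclasses import dataclass
from datetime import date

# Constructed mapping: granted scope -> data a token carrying it can read.
SCOPE_EXPOSES = {
    "drive.readonly": {"architecture docs", "source archives", ".env files"},
    "drive.file": {"files the app itself created"},
    "gmail.readonly": {"mail", "password-reset links"},
    "calendar.readonly": {"meeting metadata"},
    "admin.directory.user": {"user directory", "account provisioning"},
}
# Data that lets an attacker pivot rather than merely read.
PIVOT_VALUE = {".env files", "source archives", "password-reset links",
               "account provisioning"}


@dataclass(frozen=True)
class Grant:
    app: str
    user: str
    scopes: frozenset
    last_used: date


def blast_radius(grant):
    """Everything a token minted under this grant can reach."""
    reach = set()
    for scope in grant.scopes:
        reach |= SCOPE_EXPOSES.get(scope, {f"unmapped scope: {scope}"})
    return reach


def unused_scopes(grant, scopes_exercised):
    """Scopes granted but never exercised by the app: candidates to revoke."""
    return set(grant.scopes) - set(scopes_exercised)


def review(grants, usage, today, dormant_after_days=90):
    """Return (app, user, reasons) for each grant that widens the blast radius.

    usage maps app -> scopes actually exercised (constructed here; in practice
    it comes from the provider's token-usage audit log).
    """
    findings = []
    for g in grants:
        reasons = []
        pivot = blast_radius(g) & PIVOT_VALUE
        if pivot:
            reasons.append(f"token reaches pivot material: {sorted(pivot)}")
        idle = (today - g.last_used).days
        if idle >= dormant_after_days:
            reasons.append(f"dormant for {idle} days but still valid")
        excess = unused_scopes(g, usage.get(g.app, set()))
        if excess:
            reasons.append(f"granted but never used: {sorted(excess)}")
        if reasons:
            findings.append((g.app, g.user, reasons))
    return findings


# Constructed fixture: one broad grant to an AI note-taker, one narrow grant.
TODAY = date(2026, 4, 30)
GRANTS = [
    Grant("ai-notetaker", "dev@example.com",
          frozenset({"drive.readonly", "gmail.readonly", "calendar.readonly"}),
          date(2026, 1, 10)),
    Grant("calendar-sync", "pm@example.com",
          frozenset({"calendar.readonly"}), date(2026, 4, 29)),
]
USAGE = {"ai-notetaker": {"calendar.readonly"},
         "calendar-sync": {"calendar.readonly"}}

if __name__ == "__main__":
    for app, user, reasons in review(GRANTS, USAGE, TODAY):
        print(app, user)
        for r in reasons:
            print("  -", r)
```

The point of the `unused_scopes` check is that a note-taker that only ever reads calendars does not need `drive.readonly`; revoking the scopes the app never exercises shrinks what a stolen token can do without touching the integration's actual function.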
Sunil reposted
Averlon @Averlon_ai
CISA added a Cisco SD-WAN Manager CVE, originally tagged medium by Cisco, to its Known Exploited Vulnerabilities catalog this week. Four days to fix for federal agencies. Why? Sunil Gottumukkala (@sunilgot), Averlon CEO, explains: “CVSS scores individual bugs. It doesn't score attack chains. An information disclosure flaw that exposes keys and secrets on a high-leverage management asset can be far more consequential operationally than the score suggests. The more important signal is the attack-chain value.” The KEV tells you something was exploited. It doesn’t tell you why it matters in your environment. That reasoning is still on you. Understanding where a vulnerability sits in a potential attack pathway is what separates noise from risk that actually matters. scworld.com/news/another-c…
Sunil reposted
Brendan Dolan-Gavitt @moyix
Excuse me I was assured it was all hype
Sunil reposted
Aaron Levie @levie
If you read this and don't understand why it's happening, it's an opportunity to reset your understanding of how the real world works. The real world will need a ton of help actually getting agents going in the enterprise. Companies have legacy tech stacks they need to modernize, data in tons of fragmented tools, knowledge that isn't captured or digitized, and change management needed to actually utilize agents effectively. And they have to do all this while still running their business day-to-day, unlike startups. This is why there is so much opportunity for companies (software or services) to actually deploy agents in specific domains and workflows. This remains a big opportunity for both existing service providers and tons of new startups. Every new technology wave produces a new era of consulting firms that can deliver on that technology. It's also why the FDE model is going to be alive and well for a long time, because companies will want to have their vendor actually help drive the change management and implementation for their new workflows. The people aren't going away. Far from it.
Quoting First Squawk @FirstSquawk:
OPENAI WORKING WITH CONSULTING FIRMS, INCLUDING ACCENTURE, CAPGEMINI AND PWC, TO HELP SELL CODEX TO BUSINESSES- WSJ
Sunil reposted
Boris Cherny @bcherny
Dogfooding Opus 4.7 the last few weeks, I've been feeling incredibly productive. Sharing a few tips to get more out of 4.7 🧵
Sunil reposted
Averlon @Averlon_ai
It's been a heavy week talking about how vulnerability discovery is accelerating and what that means for teams trying to keep up. One of our team members, Manish Varma (@manishv08576231), turned that into… a parody song. Not sure if that means we've spent too much time on Glasswing this week, or not enough. We couldn't not share it. 🔊 Sound on
Sunil @sunilgot
Thanks for sharing. Your argument on what Microsoft could be willing to pay to fix ALL vulnerabilities is very interesting. I think if you take AI model capability improvements to the limit, one could potentially treat this as a one-time cost of finding and fixing every issue in the existing code base. In that world patching becomes a one-time issue for all existing systems. Interesting thought exercise. Not sure if we have any evidence at this time on models getting to that stage in a realistic timeframe. Would be great if that's the future.
Sunil @sunilgot
The obvious headline is that Mythos could make zero-day discovery dramatically cheaper, faster, and more scalable. The bigger issue is what happens next. Even if access to Mythos is tightly controlled, the industry should expect a surge in dangerous vulnerabilities being found across major platforms. And once patches are released, threat actors are often able to reverse engineer them and turn them into working exploits fast. Teams need to up-level their remediation operations now, with continuous visibility into exposed assets, a clear understanding of likely attack paths, and the ability to mitigate risk at machine speed. Industry is not ready for this.
Quoting Dario Amodei @DarioAmodei:
I'm proud that so many of the world's leading companies have joined us for Project Glasswing to confront the cyber threat posed by increasingly capable AI systems head-on. x.com/AnthropicAI/st…
Sunil reposted
Anthropic @AnthropicAI
Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software. It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans. anthropic.com/glasswing
Sunil reposted
Averlon @Averlon_ai
9.8 CVSS. High EPSS. Apache Tomcat. Potential RCE. Looks urgent. Fix it first?
What if it's not reachable? The CVE is critical. The risk isn't. CVSS ≠ risk.
In this case:
- No exposure
- No meaningful path to impact
Not what you fix first. That's what Remediation Ops enables. At scale.
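An added example of the ranking argued for in the Tomcat post above and in the earlier post on the Cisco SD-WAN Manager KEV entry: score each finding by likelihood of exploitation and by impact in context, where impact includes what a successful exploit hands the attacker for the next hop, and scale the score down hard when nothing can reach the bug. This is illustration code, not Averlon's scoring model; the weights, the two findings and every number in them are constructed, and no real CVE identifiers are used.

```python
"""Ranking findings by contextual risk instead of CVSS alone.

Added illustration, not Averlon's model. Weights and both findings are
constructed; the CVSS/EPSS values are invented, not taken from any advisory.
"""
from dataclasses import dataclass


@dataclass
class Finding:
    name: str
    cvss: float            # base score of the bug in isolation
    epss: float            # probability of exploitation in the wild, 0..1
    in_kev: bool           # listed as known-exploited
    internet_exposed: bool
    reachable: bool        # is there any path from an attacker position to it?
    asset_leverage: float  # 0..1: how much of the environment the asset controls
    yields_secrets: bool   # does success hand over keys/tokens for the next hop?


def chain_value(f):
    """What a successful exploit buys the attacker for the next step."""
    value = f.asset_leverage
    if f.yields_secrets:
        value += 0.5  # secrets on a management plane turn one bug into a chain
    return min(value, 1.0)


def likelihood(f):
    """Strongest available evidence that someone will actually exploit this."""
    return max(f.epss,
               0.7 if f.in_kev else 0.0,
               0.2 if f.internet_exposed else 0.0)


def contextual_risk(f):
    """likelihood x impact, scaled down hard when nothing can reach the bug."""
    impact = 0.5 * (f.cvss / 10.0) + 0.5 * chain_value(f)
    reach = 1.0 if f.reachable else 0.1
    return likelihood(f) * impact * reach


def prioritize(findings):
    """Highest contextual risk first; CVSS alone would invert this order."""
    return sorted(findings, key=contextual_risk, reverse=True)


# Constructed findings mirroring the two posts.
TOMCAT = Finding("Tomcat RCE on an internal host nothing can reach",
                 cvss=9.8, epss=0.9, in_kev=False, internet_exposed=False,
                 reachable=False, asset_leverage=0.3, yields_secrets=False)
SDWAN = Finding("SD-WAN manager info disclosure exposing keys",
                cvss=5.3, epss=0.05, in_kev=True, internet_exposed=True,
                reachable=True, asset_leverage=0.9, yields_secrets=True)

if __name__ == "__main__":
    for f in prioritize([TOMCAT, SDWAN]):
        print(f"{contextual_risk(f):.3f}  cvss={f.cvss}  {f.name}")
```

The medium-severity disclosure on the management asset ranks first because KEV listing sets its likelihood and the secrets it exposes max out its chain value; the critical Tomcat bug drops to the bottom only because of the reachability factor, and the same bug on a reachable host would outrank both.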
Sunil reposted
Averlon @Averlon_ai
Security is shifting. From finding issues → to actually fixing what matters. That shift is starting to show up more clearly. Averlon was named a winner at the Global InfoSec Awards by Cyber Defense Magazine in the category: Groundbreaking Agentic Remediation Operations Platform. Not for finding more. But for helping teams reduce real risk across their environment. See how this works in practice: averlon.ai/webinars/remed…
Sunil reposted
Averlon @Averlon_ai
Finding issues isn't the goal. Reducing risk is. That's the shift we've been building toward. We're excited to be recognized by Enterprise Security Tech's Top Cybersecurity Companies of 2026. Not for finding more. But for fixing what actually matters. That's Remediation Operations. If you want to see how this works in practice: averlon.ai/webinars/remed… Some of our team is in SF for RSA. If you'd like to compare notes over coffee, reach out to Sunil Gottumukkala (@sunilgot) or Rajeev Raghunarayan (@raraghun).
Sunil reposted
Averlon @Averlon_ai
There's a growing assumption that AI will just solve security problems. AI can generate answers. Security needs decisions you can trust. That requires:
• The right context
• Consistency in how decisions are made
• An understanding of real-world tradeoffs
Without that, even highly capable systems can produce outcomes that don't actually reduce risk. @sahil_garg_cs breaks this down well. We've been digging into this more here: averlon.ai/blog/the-quest…
Sunil reposted
Averlon @Averlon_ai
Fixing vulnerabilities sounds simple. It isn't. By the time an issue hits the backlog:
• The context is gone
• The code has moved on
• The safest fix isn't obvious
• And every fix carries risk
So teams: Prioritize. Defer. Revisit later. Not because they're doing anything wrong. But because they're assessing the risk of the fix. And that decision becomes part of the backlog. Prevention isn't just about shifting left. It's about acting while decisions are still easy to make. See comments if you want to see this in action.
Sunil reposted
Averlon @Averlon_ai
Live today: Remediation Operations in Action. Vulnerability data isn't the bottleneck. Deciding what actually reduces exposure is. Security teams see thousands of findings. The harder questions are:
• What is actually exploitable here
• What reduces exposure first
• How to fix without creating instability
That decision layer is Remediation Operations. Today we're walking through it live. From contextual exploitability, to understanding attacker pathways, to safe remediation in workflow. If reducing exposure, not just managing findings, matters to you, join us. 🔗 averlon.ai/webinars/remed…
Sunil @sunilgot
The best reaction to @AnthropicAI's @claudeai Code Security announcement I've seen is from @snyksec: "This is a bit like saying, 'We built a really good smoke detector, so fire departments are obsolete.'" 😃