Mythos: Five Best Practices for Identity Security Leaders

Anthropic’s Claude Mythos has dramatically reduced the time it takes to turn a vulnerability into a working attack — and similar capabilities are already spreading to cheaper, open-weight models. At the same time, AI agents are expanding the attack surface by authenticating, holding secrets, and acting on their own. In this on-demand session, Delinea security leaders Jason Mitchell and Brian McHenry share five best practices they apply inside Delinea and recommend to identity and security leaders. Chapters 00:00 – Welcome and speaker introductions 00:52 – What is Anthropic’s Claude Mythos? 02:30 – Why identity security matters in the Mythos conversation 04:08 – Five best practices for identity security leaders 04:28 – Best practice 1: Continuously discover every identity and its access 05:52 – Best practice 2: Eliminate standing access 10:30 – Best practice 3: Minimize and broker secrets 12:57 – Best practice 4: Move to continuous authorization 16:13 – Best practice 5: Treat AI agents as privileged identities 18:45 – How Delinea’s identity risk assessment helps teams get started 20:58 – Closing thoughts