Ai vulnerability 💩 storm.. is a coming

Just shared this CSA / SANS paper with our exec team and wanted to get thoughts from this group as well.

This was put together by a pretty credible group. CSA CISO community, SANS, OWASP GenAI, along with current and former CISOs from places like Google and Cloudflare. Not vendor fluff, no “Ai” hype to sell software.

The core argument is simple but important:

The time between vulnerability discovery and exploitation is collapsing. Not days or weeks anymore. In some cases hours. That changes how you think about patching, response, and overall risk.

And it is not just speed. It is volume and accessibility. AI is making it easier to find real vulnerabilities at scale, which means more pressure on already stretched teams.

A few things that stood out to me:

  • We are going to see a lot more vulnerabilities, and more of them will be valid
  • Attackers are getting more benefit from AI than defenders right now
  • The idea that we have time to react is starting to break down
  • You cannot scale this problem with people alone. You HAVE TO use models to write defensive code or you will get overrun.

One area I keep coming back to, especially in the Epicor world, is control over the environment.

If this plays out the way they are describing, then:

  • Shadow IT becomes a bigger problem, not a smaller one
  • Random SaaS tools spinning up outside of IT just increase exposure
  • The more fragmented the environment is, the harder it is to respond at speed

We have been tightening this up internally. No system gets introduced without IT involvement. Period. SaaS included. It is not about slowing the business down, it is about making sure we can actually secure and support what gets deployed.

Also worth calling out, they specifically mention burnout as a real risk. The volume and pace they are describing is not something most teams can absorb without changes in tooling, process, or staffing.

Are you changing anything yet in how you handle patching, vendors, or shadow IT? Or does this still feel a bit early?

Is SaaS a better proposition because of this or is it worse? Do we trust the vendors (Epicor and others) to keep up with this?

I am torn, on one side shifting the responsibility to Epicor sounds great, but (no offense to them) we have seen them drop the ball fairly often in SaaS land. Also there is near ZERO need to have your ERP Web accessible in the WAN that’s just a huge attack surface that is the point?

Wouldn’t the ERP be a lot more secure if it was limited to the inner sanctum of your network?

We live in damn interesting times… here’s a :dumpster_fire: not specifically tied to Epicor, but tied to the damn IT work we are about to walk into…

FML

14 Likes

It also basically means we shouldn’t be writing code manually any more, at least not without some serious workflows for review that include Model Driven vulnerability analysis. We simply aren’t “smart enough” (speed, and knowledge) to fight this individually.

5 Likes

Anthropic Mythos enters the chat

4 Likes

As someone who was always a fan of the concept of the singularity since first reading of the concept in the 1990s, we are firmly here. This type of paradigm shift in the status quo will occur to many industries, departments, etc. - security is just one of the more low hanging fruit for AI because it’s all patterns and to date mostly handled by obscurity.

Automated repo based code reviews (see Google Jules) are the way

2 Likes

I don’t trust any SaaS vendor more than myself. Daily there are security breaches and data exfiltration stories.

3 Likes

Sorry, which markup language is this?

7 Likes

Mythos is finding vulnerabilities, that much is clear. It is also possible for models since GPT-5.3-Codex to do very similar work as the vulnerabilities Anthropic announced with Mythos were also found by GPT and other models.

We’ve been in this position for months, one headline just got more people looking at the emerging problem.

An argument can now be made that SaaS introduces more surfaces, which in turn is less secure. Internalizing everything may occur, given the SaaS market is already down every time a new model releases.

Take a look at $FIG or the index in general over these companies. Down.

I think, whether it’s accepted or not, to your point: you HAVE to use these models.

Side note: Be careful with defensive code prompts, AI will overload them into performance critical hot paths.

Side note 2: OpenAI is claiming to release a similar quality of model to Mythos today.

2 Likes

Thanks for sharing.

Finding vulnerabilities is one thing, but these models are also creating working exploits. The model doesn’t really matter, and I think the authors of the paper above even say so. It’s the existence of this capability that is the cause for concern.

The question is, do you play whack-a-mole trying to fix every security flaw or do you design systems that expect to be exploited and handle the behavior. In civil engineering it would be equivalent to “bend, don’t break.”

6 Likes

a “Frequently used one” one :wink: FML (frequent markup language) as in… I use it often… to … “remark” and “emphasize” how… F…cked we are :rofl:

7 Likes

Is my bank account any safer? I’m not sure if I want an answer to that.

2 Likes

Most banks run COBOL 85 so… technically yes… but only by virtue of obsolescence

Also they have FDIC to insure you so your personal risk is minimal. Can you/we say the same about your/our systems? :thinking:

Whack-a-mole is exactly what the companies with Mythos are doing, including Microsoft. They fixed over 100 vulnerabilities in Windows alone. So, yes.

3 Likes

Also bank systems were written with security at the forefront. They know they had a huge attack surface so most if not all planned for it and around it. They are hardened first, secure first systems.

ERP security has (for the most part) always been a second if not third class citizen. Look at Epicor for example, Menu security (UI) security is the default.

You can block access to Order Entry via menu security while the same user using REST can use 100% of the functionality of the Sales Order Business Object.

We (all of us including the ERP) need to re-evaluate our software security stance.

7 Likes
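
The menu-versus-REST gap described in the post above, as an added example that is not part of any post and is not Epicor's code: a constructed toy model where the same business object is checked once with only a client-side menu gate and once with authorization enforced inside the service. Every class, method and menu name here is hypothetical.

```python
from dataclasses import dataclass, field

# Constructed toy model: every name here is hypothetical, not Epicor's API.
@dataclass
class User:
    name: str
    menu_items: set = field(default_factory=set)      # what the client UI shows
    service_rights: set = field(default_factory=set)  # (service, method) grants

class SalesOrderService:
    """Stand-in for a business object reachable from the UI and from REST."""
    METHODS = ("get_order", "create_order")

    def __init__(self, enforce_server_side):
        self.enforce_server_side = enforce_server_side
        self.orders = {1001: {"customer": "ACME", "total": 250.0}}

    def _authorize(self, user, method):
        if self.enforce_server_side and ("SalesOrder", method) not in user.service_rights:
            raise PermissionError(f"{user.name} may not call SalesOrder.{method}")

    def get_order(self, user, order_id):
        self._authorize(user, "get_order")
        return self.orders[order_id]

    def create_order(self, user, order_id, customer, total):
        self._authorize(user, "create_order")
        self.orders[order_id] = {"customer": customer, "total": total}
        return order_id

def ui_open_order_entry(user, service, order_id):
    """Client path: the menu check is the only gate in the UI-only setup."""
    if "Order Entry" not in user.menu_items:
        raise PermissionError(f"menu hides Order Entry from {user.name}")
    return service.get_order(user, order_id)

def rest_call(user, service, method, *args):
    """API path: dispatches straight to the service and never sees the menu."""
    if method not in service.METHODS:
        raise ValueError(f"unknown method {method}")
    return getattr(service, method)(user, *args)

def audit_menu_bypass(user, service):
    """List service methods a user can reach over REST despite the menu block."""
    probes = {"get_order": (1001,), "create_order": (9999, "AUDIT", 0.0)}
    reachable = []
    for method, args in probes.items():
        try:
            rest_call(user, service, method, *args)
            reachable.append(method)
        except PermissionError:
            pass
    return reachable
```

An empty list from `audit_menu_bypass` for a user without the menu entry means the service itself is the gate; anything else is functionality the menu only hides.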

I guess I mean a more fundamental level - not just wipe my account, but remove the field that stores my current balance and the transactions to support it. And all the backup database records, too.

I’m not mocking your point; I’m saying there’s no real end to this road and that’s always scared me.

I’ve never really understood security; can’t it always be reverse engineered at some point?

2FA seems great until I think about how I need
A. A password
B. And a code sent to my phone

But if I forget A, then the solution is to… send a code to my phone… so if A=B and B=B then 2FA is just 2B: my phone X2.

Definitely. And API v2 is not enforced (right?) You can go on for a while.

I need to learn how to farm.

3 Likes

Don’t rely on SMS MFA. It’s barely MFA. It’s better than nothing in some cases. And is usually the only option with banks. But something like a Yubikey or even TOTP can’t be sent to another phone. If they have your password and your phone/Yubikey you are really F…cked

2 Likes

This sounds more and more appealing every day. This job has turned into a nightmare since the LLM revolution. Even when you embrace it the changing field at breakneck speed is killing me (us).

I yearn for the days of I learned PHP and I’m good with that guy for 10 years. Now you use one Ai tool today and there’s a better new one tomorrow. It’s exhausting, that paper talks about burnout and boy oh boy isn’t that 100% true right now.

Let’s establish a commune of non internet connected village that runs Epicor classic in our walled garden and live off bartering :rofl:

8 Likes

I have been having this internal dialogue with myself for months now, I’ve researched how CTOs and CIOs are handling the deployment of systems, are they really filtering it all through the department first or are they allowing departments to choose their own systems/tooling. Wild times for sure man.

1 Like

5 Likes