Webinar

Industry Leaders

About Our Experts

Colin Whittaker

Founder & Director at Informed Risk Decisions Ltd
Colin is a leading payments security expert with extensive experience shaping global risk strategy. A former PCI SSC Board of Advisors member, he drove major security and compliance initiatives at APACS and Visa Europe. Now an independent consultant, he advises diverse organizations and frequently speaks and publishes on cybersecurity and information risk.

Janet Worthington

Senior analyst at Forrester advising security and risk professionals

Janet is Senior Analyst at Forrester, advises security and risk leaders on product security, secure development, and application security. With 25+ years in software development, security program management, and engineering leadership, she has helped global enterprises build scalable AppSec programs and strengthen collaboration across security, development, and product teams.

Paul Asadoorian

Principal Security Researcher at Eclypsium & founder of Security Weekly
Paul is Principal Security Evangelist at Eclypsium and founder of Security Weekly. With deep experience in penetration testing, vulnerability management, Python development, and security product evaluation, he brings hands-on expertise from roles supporting universities, enterprises, and security vendors. His work continues to influence modern vulnerability and firmware security practices.

CPE Webinar | Mythos vs. Reality: Zero‑Day Defense for 2026 Supply Chains

Sep 3 / IT GRC Forum
Frontier‑scale AI is rapidly redefining how organizations confront zero‑day threats buried deep within software and firmware supply chains. Anthropic’s Project Glasswing showed that models like Claude Mythos Preview can uncover severe vulnerabilities at speeds traditional analysis simply cannot match. Yet despite the industry’s fixation on AI‑enhanced attackers, the more grounded reality is that even the most advanced systems remain only as secure as the vendors and contractors supporting them. Recent unauthorized access attempts involving Mythos‑class environments made this clear: the failure point wasn’t AI containment but basic supply‑chain weakness.

As AI‑assisted analysis grows more capable, it is exposing systemic flaws across cloud, software, and firmware ecosystems that organizations have long struggled to detect. This session explores why SBOM‑centric strategies, though useful, cannot keep pace with machine‑speed discovery and why zero‑day exposure increasingly originates in third‑party and firmware components. The widening gap between traditional assurance methods and AI‑driven analysis demands a new approach to validation and monitoring.

Attendees will learn how to operationalize AI for continuous validation, strengthen vendor assurance programs, and harden architectures against rapidly evolving threats. By understanding where current approaches fall short and how frontier‑scale models reshape defensive strategy, organizations can build supply‑chain security capable of withstanding AI‑accelerated risk.