Sweet Security's Agentic AI Red Teaming Solution
The Mythos Moment refers to the realization that human security teams cannot match the speed and volume of AI-assisted cyberattacks. In response, the Cloud Security Alliance (CSA) advised introducing AI agents to the cyber workforce to enable defenders to match attackers' speed. Sweet Security's Agentic AI Red Teaming offers a theoretical solution, one that requires deep knowledge of each infrastructure concerned.
Frontier models are brilliant generalists but lack knowledge of individual clouds. An agentic system must be designed specifically for its user's environment, and security teams face the challenge of maintaining the agents' contextual knowledge base. Sweet Security's solution, Sweet Attack, provides automated continuous agentic red teaming built on an automatic and detailed knowledge of each client's infrastructure.
How Sweet Attack Works
Sweet Security has been indexing runtime data directly from customers' environments, including runtime topology, unencrypted Layer 7 exposure, deployed source code, identity paths, and live application behavior. This index serves as the substrate for the agent to reason over, allowing it to know the environment rather than just hypothesize about it.
Sweet Attack can see the roads most traveled and where the water actually runs, rather than theoretical paths with no data behind them. It is guided by a heuristic that determines which options and traversals are worth exploring, and it only goes where there is a path worth walking. This process is done continuously and rapidly, without waiting for scheduled human red team operations or being affected by human conditions like tiredness or boredom.
Other tools enumerate every possible path. Sweet Attack finds the ones an attacker would actually take, because it's reasoning over the real environment, not a model of one.
Yigael Berger, Chief AI Officer at Sweet Security, highlights the importance of Sweet Attack's ability to reason over the real environment, including shadow IT and shadow AI that may be unknown to human red teams. Sweet Attack discovers runtime assets and behaviors that might not be formally documented, including shadow AI components, AI agents, MCP servers, tools, packages, APIs, and other infrastructure elements.
Benefits and Results
Sweet Attack provides a timetable for vulnerability remediation by understanding which vulnerabilities can be exploited and knowing which attack paths can reach them. Inconsequential vulnerabilities can be ignored, knowing they will be continuously reevaluated if new additions to the infrastructure create new attack paths.
A beta tester, the CISO at Cast & Crew, reported that Sweet Attack surfaced fully exploitable attack chains that annual third-party red team engagements had missed. Sweet Attack also provided a concrete mitigation and remediation action plan that had the environment completely secure within two hours.
The purpose of Sweet Attack is to begin closing the gap between AI-assisted attackers and AI-assisted defenders, as recommended by the CSA. It is available now to Sweet Security customers.
Source: SecurityWeek