Threat Modelling in the Age of Mythos:
What Threat Modelers Need to Do Differently
24 June 2026 | 13:00 - 14:00 (BST)
Overview
This webinar explores how emerging AI-enabled security capabilities, including Anthropic’s Mythos, will fundamentally change how organisations think about application security, product security, and secure-by-design practices. As AI accelerates vulnerability discovery, threat modelling becomes more important, not less.
Using Mythos as a timely example of a broader industry shift, the session will examine how AI may help defenders identify and remediate vulnerabilities faster while also enabling adversaries to discover, reason about, and chain weaknesses at unprecedented speed and scale.
Rather than focusing on individual vulnerabilities, the discussion will explore why organisations need to think more deeply about attack paths, trust boundaries, identity, authorisation, supply chain exposure, and systemic design risk in an AI-enabled threat environment.
Presented as a moderated conversation rather than a slide-heavy presentation, the webinar will provide practical insights into how AI threat modelling methodologies and secure-by-design programs should evolve in response to rapidly advancing AI security capabilities.
What you’ll learn
- Why AI-enabled vulnerability discovery capabilities matter for AppSec, product security, and threat modelling
- How the attacker model changes when adversaries can use AI to discover and chain vulnerabilities faster
- What threat modelers need to consider differently in an era of AI-accelerated exploitation
- Why attack paths, trust boundaries, identity, authorisation, and privilege escalation become increasingly important
- How supply chain risk extends beyond Software Bill of Materials (SBOM) visibility to include APIs, integrations, vendors, and trust relationships
- Why reducing design-level risk earlier in the Software Development Lifecycle (SDLC) becomes critical as exploit discovery accelerates
- How secure-by-design programs should adapt to AI-enabled security capabilities
- Practical steps organisations can take now to improve resilience against AI-enabled threats
Why You Should Watch
AI is changing the speed and scale of vulnerability discovery and that has significant implications for how organizations model threats, prioritise risk, and design secure systems.
This session is designed for security leaders, threat modellers, AppSec practitioners, product security teams, architects, and engineering leaders who want to understand how AI may reshape both offensive and defensive security capabilities.
Attendees will gain practical perspectives on how to adapt threat modelling and secure-by-design practices to account for AI-enabled attackers, increasingly complex attack paths, and rapidly evolving supply chain exposure.
The discussion will help organisations move beyond reactive vulnerability management toward a more proactive, architecture-focused approach to reducing systemic security risk.
Who should attend?
CISO’s, CTO’s, AppSec leaders, Product security teams, Security architects, Threat modellers, Engineering leaders, GRC & Risk leaders, and anyone responsible for secure-by-design practices.
Speakers
Sebastien Deleersnyder — CTO & Co-Founder, Toreon & QA Fellow
Distinguished security expert
Shaping security worldwide, a driving force in the global security community.
Robert Hurlbut — Principal Product Security Architect / Threat Modeler, Toreon
Robert Hurlbut has over 30 years of industry experience in software security, software architecture, software development, and application security training. He speaks at user groups, national and international conferences, and provides training for many clients.
Fill in your details below to register
The session will close with live audience Q&A and practical takeaways for teams looking to modernize their threat modeling practices in the age of AI.
For those interested in continuing their AI security threat mitigation journey, we’ll share QA’s AI Threat Modeling Training, delivered in partnership with Toreon.