When Palo Alto Networks, a leading global cybersecurity provider, began testing Anthropic’s Claude Mythos model to review its own source code earlier this year, the results offered a stark preview of the next generation of threat intelligence. According to Sam Rubin, senior vice president of the company’s threat intelligence arm, the model identified more than two dozen critical vulnerabilities in approximately three weeks. This detection rate is roughly five times what the company would typically uncover using its existing suite of security tools.

However, the technical triumph was accompanied by a severe financial reality check. Rubin noted that the company "very quickly" burned through more than $1 million worth of tokens to facilitate the Mythos scan. Anthropic, the AI research company known for its Claude family of models, charges for compute usage based on the volume of data processed and generated. This early deployment illustrates the central tension of the current enterprise AI cycle, where breakthrough capabilities are tightly coupled with prohibitive compute costs.

The economics of automated vulnerability detection

The integration of large language models into cybersecurity workflows represents a structural shift in how enterprise code is audited. Traditional static application security testing relies on predefined rules and pattern matching, which establishes a baseline but often misses complex logical flaws. By contrast, models like Mythos can parse the broader context of an application's architecture, leading to the fivefold improvement in detection efficacy reported by Palo Alto Networks.

Yet, the mechanism that enables this deep analysis—massive context windows and continuous token generation—is inherently expensive. Scanning millions of lines of proprietary source code requires a continuous stream of API calls. A million-dollar burn rate for a single, multi-week internal audit reshapes the return-on-investment calculus for security teams. It transitions vulnerability detection from a relatively fixed software licensing cost into a highly variable, compute-heavy operational expense, raising questions about how frequently such comprehensive scans can be practically executed.

Market pressures and the open-source alternative

This economic friction is playing out against a backdrop of intensifying competition in the AI coding and security sector. The market is increasingly fragmenting as hyperscalers like Microsoft push for greater AI independence and international competitors introduce capable alternatives. For instance, the recent launch of a new open-source AI coding model by China’s MiniMax signals a heating up of the open-weight ecosystem, which could eventually offer enterprises a way to internalize compute costs rather than paying continuous API tolls to proprietary providers.

For venture capital and enterprise buyers, the Palo Alto Networks case study serves as a critical benchmark. It validates the technical thesis that frontier models can fundamentally upgrade enterprise security infrastructure. At the same time, it underscores that the current pricing structures of top-tier proprietary models may limit their use to high-stakes, periodic audits rather than continuous integration pipelines. Until inference costs decrease significantly, the deployment of elite AI security agents will remain a premium capability.

The trajectory of AI in cybersecurity will likely hinge on whether model efficiency can outpace the growing complexity of enterprise codebases. As organizations evaluate the trade-offs between detection rates and token costs, the market will test whether premium pricing can be sustained in an increasingly crowded ecosystem of specialized and open-source models.

With reporting from The Information.

Source · The Information