Four people are seated at a table in a meeting room, while a presenter speaks in front of a screen.

Are we building castles again?

Are we building castles again?

Yannick H.,

Too Long; Didn't Read

AI is now building entire exploit chains on its own, turning minor bugs into severe vulnerabilities. Cloudflare deploys a patch to production in two hours, but on average, businesses have only about a day before a new CVE is actively exploited. SMEs cannot keep up with this pace. The solution is not to patch even faster, but rather to radically reduce the attack surface exposed to the internet. Route your traffic behind proxies and private access instead of remaining openly accessible.

ODCUS Blog-Artikel Titelbild

In recent months, we have seen an acceleration in technical AI capabilities like never before. It is no longer "Vibe Coding", it is "Vibe Engineering". Because AI has become much better at programming. And it is getting better and better. Anthropic's Mythos model went parabolic in the media. The hype was real, but far from reality for people who don't work at the source.

A recent blog by Cloudflare showed what is actually happening at the source.

"Mythos Preview is a real step forward, and that should be clearly stated before going into anything else. We have been letting models loose on our code for some time, and the leap from what was possible with previous general-purpose frontier models to what Mythos Preview does today is not just a refinement of the former. It is a different kind of tool doing a different kind of work, and that makes a clean one-to-one comparison with previous models difficult."

And then Cloudflare used the terms "Exploit Chain Construction" and "Proof Generation", which basically describes the real capability of Mythos Preview: putting pieces together. The model can take low-severity bugs and chain them into a more severe exploit.

What does this mean?

For Cloudflare, it is clear: "As the attacker's timeline shrinks, the defender's timeline must shrink with it. Speeding up won't be enough, and we think many teams are about to invest a lot of time, effort, and money to learn that the hard way."

According to the article, teams are working under a two-hour SLA from CVE release to patch in production. TWO hours. To get a fix into production. That is one side of things.

But now let's think about all the companies that have to apply this patch to their infrastructure and systems.

If we take the data from zerodayclock.com, it takes 1.6 days between public CVE disclosure and the first confirmed exploit in the wild. This number is dropping anyway, so let's round up a little:

Companies have about 1 day to apply a patch before they risk being compromised.

Let's be honest: SMBs cannot possibly keep up with that.

What is the solution?

I see a very strong mirroring of cycles that we have already been through. The Zero Trust security framework shows quite well why we do what we do.

In the past, companies used the network perimeter (I like to call it the castle walls) as their first and strongest layer of security. Nothing comes in, nothing goes out. Of course, this has evolved over time with changing needs and requirements. VPNs for secure gateways, DMZs, and so on. Two major requirements created the need to open up the castle walls: remote work and the cloud. Why? Because people and systems had to be accessible from everywhere. SaaS development required a connection from within the perimeter to the internet, and people wanted to work from home while accessing the corporate network.

So apparently, Zero Trust with all its principles and solutions was the answer. But the reality shows: companies are far from having implemented Zero Trust principles in their infrastructure, especially when it comes to the network (ZTNA, SASE, Secure Global Access, or whatever you want to call it).

So what is the solution? Honestly, we need to drastically reduce a company's exposed attack surface on the internet. We cannot possibly keep up with the speed at which everything is developing. It is like OT environments. People have accepted that they cannot keep pace with updating the technology, so they segmented it or ultimately shielded it completely from exposure.

We must do the same with IT systems. And it is not easy. All data and systems are so distributed and decentralized that it is hard to draw a network perimeter around them. So we need to make sure our traffic and activities are exposed to the outside as little as possible.

This means: put traffic back behind proxies. Start now. If you use Microsoft, you most likely already have Entra Private Access included in your subscription. If you want other solutions, they exist. Cloudflare Tunnel + Access, Tailscale, Twingate, Zscaler. Whatever you prefer. It is already there. Make yourself untraceable, go private, go away from the open web.

Cloudflare's article: https://blog.cloudflare.com/cyber-frontier-models/

Join us on the journey

Effortlessly schedule a conversation and discover how we bring success in the digital world to your company.

Two men are sitting together in a cozy setting, smiling and enjoying a conversation over drinks.

Join us on the journey

Effortlessly schedule a conversation and discover how we bring success in the digital world to your company.

Two men are sitting together in a cozy setting, smiling and enjoying a conversation over drinks.
Abstract design featuring vibrant purple and blue gradients with geometric shapes and lines.
The text reads: "Let’s begin our digital journey."
Contact us!

Grabenstrasse 15a

6340 Baar

Switzerland

+41 43 217 86 70

Copyright © 2026 ODCUS | All rights reserved.

Abstract design featuring vibrant purple and blue gradients with geometric shapes and lines.
The text reads: "Let’s begin our digital journey."
Contact us!

Grabenstrasse 15a

6340 Baar

Switzerland

+41 43 217 86 70

Copyright © 2026 ODCUS | All rights reserved.