Mythal
the manual
01 / 14 FIELD MANUAL · OPEN AT PAGE ONE

How it works.
A technical field manual for Infrastructure & Security leadership.

What we built, how the components fit, what an agent actually does, what the policy gate prevents, and what ninety days inside your environment looks like. Written for engineering leaders who want to understand the system before they sign for it.

Page through → Switch to the executive brief Reference: 12 agents

Next-Era LLC · v0.2 · keys: F T ?

02 / 14BASELINE · WHERE YOU ARE

A typical month at Class I scale.

Order-of-magnitude figures that frame the operating reality. These are the constants every solution in this space must respect.

Assets in scope
50K+
IT · OT · DMZ · cloud
Monthly CVEs published
1,200+
NVD · KEV · vendor PSIRTs
Findings on Patch Tuesday
163
April 2026 single window
Sec-ops headcount
~15
flat for 5 yrs
Scanners in production
3–6
Qualys · Tenable · Wiz · Claroty…
OT maintenance windows
2 / yr
4 hours each
Critical Cyber Systems
800–2K
TSA SD 1580 scope
Avg IT MTR
22 days
CVE → verified fix
03 / 14THE SHAPE OF THE PROBLEM

The Mythos thesis, in concrete terms.

The reason this becomes a fabric-and-agents problem rather than a "buy more analyst seats" problem.

VELOCITY 1

Discovery

AI tools diff vendor patches against unpatched binaries and reconstruct vulnerabilities in hours. Open-source codebases get audited at scale. Cost of discovery: collapsed.

VELOCITY 2

Exploitation

Public proof-of-concept exploits arrive within days. Ransomware operators automate target selection straight from CISA KEV. Cost of exploitation: collapsed.

VELOCITY 3

Response

Same analyst headcount. Same change-advisory boards. Same scarce OT maintenance windows. Cost of response: unchanged. This is now the binding constraint.

Two of three velocities changed. The third now governs every outcome. — the Mythos thesis, summarized in one sentence
04 / 14THE ARCHITECTURAL MOVE

From linear workflow to closed-loop fabric.

A change in shape, not just speed. The legacy pipeline is human-relay; the fabric is machine-orchestrated with humans at named gates.

BEFORE · LINEAR HUMAN RELAY

Workflow

Scanner → Ticket → Triage
       → CAB → Window planning
       → Tech → Reboot → Verify
       → Manually log evidence
  • Each handoff loses context
  • Each pause is a queue
  • Audit evidence is recovered, not generated
  • OT safety is policy text, not enforcement
AFTER · CLOSED-LOOP FABRIC

Agent mesh

Scanner → Agent fabric
       → Signed handoffs
       → Policy gate
       → Executor / OT veto path
       → Verifier → Closed
  • Typed, signed messages between agents
  • Each transition is persisted before any side effect
  • Reasoning trace = audit evidence (same artifact)
  • OT safety is enforced by a dedicated agent
05 / 14DEFINITION · DEMYSTIFICATION

What "agent" means inside this platform.

The word does a lot of work in trade press. Here it has a precise, bounded definition. Reassuring rather than alarming.

✓ AN AGENT IS
  • A small program with a single, narrow job — usually 200–600 lines of Python
  • A typed input → typed output — Pydantic schemas enforced on both ends
  • Optional reasoning step — may call Claude / GPT or run pure rules
  • Auditable — emits one signed message and one trace entry per invocation
  • Idempotent — running it twice produces the same output for the same input
✗ AN AGENT IS NOT
  • A chatbot — no free-form conversation, no open-ended prompts
  • A general-purpose assistant — each agent refuses requests outside its contract
  • Autonomous — a deterministic policy gate denies actions that violate the seven default rules
  • Reading the trace = reading chat logs — reading the trace is reading structured records
  • A dependency on someone else's API — falls back to deterministic mode on auth or rate-limit failure
06 / 14THE ROSTER

Twelve specialists. One supervisor.

★ ORCH

Supervisor

Drives FSM. Dispatches specialists. Claude Opus 4.7.

A01 · DETECT

Scanner Liaison

Qualys · Tenable · Wiz · Claroty · Nozomi · Dragos

A02 · ENRICH

Threat Intel

NVD · KEV · EPSS · PSIRTs · ICS-CERT

A03 · ENRICH

Patch Hunter

Vendor fix + reliability score 0–1

A04 · PRIORITIZE

Impact Analyst

CMDB join · dependency graph · BIP

A05 · PRIORITIZE

Change Risk

Historical failure rate · window · canary

★ A06 · SAFETY

OT Safety Officer

Veto on OT / CCS. NIST 800-82r3 + IEC 62443.

A07 · PLAN

Remediation Planner

Steps · order · approvals · rollback

A08 · ACT

Executor

Ansible · SCCM · Tanium · Panorama · OT-native

A09 · VERIFY

Verifier

Rescan · health · exploit retest

A10 · AUDIT

Compliance Reporter

TSA · NIST · IEC evidence units

★ A12 · INVENTORY

Inventory Insights

Beyond CVE flow · EOL · sprawl · shadow IT

07 / 14DATA FLOW · ONE FINDING

A CVE's journey, end to end.

+0s

Scanner Liaison ingests

Qualys reports CVE-2026-XXXXX on asset corp-fileserver-042. Canonical VulnerabilityFinding emitted. Trace ID assigned.

+2s

Threat Intel + Patch Hunter (parallel)

KEV=true · EPSS=0.81 · exploit_in_wild=true. Microsoft KB located. PatchReliabilityScore=0.94.

+4s

Impact Analyst + Change Risk

BusinessImpactProfile: criticality=High · 17 downstream · regulated. ChangeRiskScore=0.18 · canary peer available.

+6s

Remediation Planner

6-step plan with rollback. Tool: sccm. Window: 02:00–06:00 nightly canary ring. Approval scope: security.

+7s

Policy Gate (SG-POL-003)

Criticality ≤ High but auto-apply caps at Medium → routes to single_approval. Plan enters AWAITING_APPROVAL.

+ approval

Executor → Verifier → Compliance Reporter

SCCM pushes the KB. Rescan confirms. Evidence units emitted under NIST CSF RS.MI-01 and TSA SD §3.D.

08 / 14LOOKING INSIDE ONE AGENT

OT Safety Officer — the agent your operations lead reads first.

▸ SYSTEM PROMPT EXCERPT

What it's told to do

You hold veto rights on any action touching
an OT-zone asset or a Critical Cyber System.
Default to refusing direct patches.
Propose compensating controls instead:
  · industrial firewall ACL tightening
  · IPS signature (virtual patch)
  · monitored isolation
Schedule firmware updates only inside a
planned maintenance window with dual
approval and a tested rollback recorded.
▸ INPUT CONTRACT

Pydantic schema

class OTSafetyRequest:
    vuln_id: str
    asset_id: str
    asset_env: "IT" | "OT" | "DMZ"
    is_ccs: bool
    patch: Patch | None
    impact: BusinessImpactProfile
    risk: ChangeRiskScore
▸ DECISION

Output

  • veto: bool — defaults true for OT/CCS
  • rationale: str — auditor-readable
  • compensating_controls: [...]
  • scheduled_for: datetime — next window
  • requires_approval: ["security", "ot_operations"]
▸ ENFORCEMENT

How the veto is honored

  • Policy gate SG-POL-002 blocks Executor on OT zones
  • OT Safety must sign the AgentMessage before Planner can finalize
  • Dual approval requires both security AND ot_operations Approval rows
  • Rollback plan must dry-run successfully (SG-POL-006)
09 / 14GUARDRAILS

Seven rules. One gate. Between every agent and any side effect.

The agents propose. The policy disposes. The seven default rules are visible, versioned, and overridable per-tenant under change control.

Rule IDConditionDecision
SG-POL-001Critical Cyber System change requestdual_approval (security + ot_operations) + open window + validated rollback · else deny
SG-POL-002Any OT-zone assetdual_approval · OT Safety Officer sign-off required
SG-POL-003IT asset · criticality ≤ Medium · reliability ≥ 0.85 · canary peer · window open · rollback validauto_apply
SG-POL-004Default IT remediationsingle_approval (security)
SG-POL-005Tool target outside allowlistdeny — no exfiltration to non-allowlisted destinations
SG-POL-006Rollback plan missing or fails dry-run validationdeny — reversibility required
SG-POL-007Active change blackout windowdeny — blackouts honored regardless of severity
10 / 14THE AUDIT ARTIFACT

The reasoning trace — one document, two audiences.

The chronological record an engineer reads to debug is the same record an auditor reads to assess control coverage. Generated, not assembled.

trace_id: 01HF9N3K7Z4Q8M2R5T1V6W9Y8X · CVE-2026-19110 · mcr-ruggedcom-east-014

[16:42:01] scanner_liaison    INGEST     Normalized from claroty. CVSSv3=9.6.
[16:42:02] threat_intel       ENRICH     KEV=true · EPSS=0.84 · ransomware_associated=true.
[16:42:03] patch_hunter       HUNT       Siemens fix 5.7.0 located. Reliability 0.91.
[16:42:04] impact_analyst     IMPACT     Asset env=OT zone=PTC-Wayside is_ccs=true downstream=23.
[16:42:05] change_risk        RISK       Score 0.62 · canary required · failure rate 0.18.
[16:42:06] ot_safety_officer  VETO       Asset is CCS in OT zone. NIST 800-82r3 §6.2 and IEC
                                          62443-2-3 require change inside maintenance window
                                          with dual approval. Proposing compensating controls.
[16:42:06] ot_safety_officer  CONTROL    acl: tighten Industrial Firewall ACL between Corp DMZ
                                          and PTC-Wayside zone. deny default. log denies.
[16:42:06] ot_safety_officer  CONTROL    ips_signature: deploy on Cisco Firepower in alert+block
                                          mode after 30-minute alert-only soak.
[16:42:06] ot_safety_officer  SCHEDULE   Firmware update scheduled for next OT maintenance
                                          window: 2026-06-04 01:00 UTC.
[16:42:07] remediation_planner PLAN      3-step compensating-control plan. Status AWAITING_APPROVAL.
                                          Required: security + ot_operations.

signature: HMAC-SHA256:7c4e9a1f3b...8d2e0f · ledger tamper-evident
11 / 14BEYOND THE CVE FLOW

The twelfth agent — proactive, not reactive.

Everything to this point fires when a CVE drops. Inventory Insights runs continuously on the full estate and surfaces risk that no scanner has yet reported.

Recs on first sweep
2,087
on the 6,530-asset demo estate
Critical
91
High
1,098
Medium
898
CATEGORY

patch_band_drift

OS / software below the supported security baseline. e.g. Windows Server 2022 build < 20348.2700.

CATEGORY

ot_firmware

OT vendors below recommended minimum. Siemens RUGGEDCOM < 5.7.0 · Wabtec WIU < 3.2.0.

CATEGORY

version_sprawl

Same vendor + product running ≥3 distinct versions across the estate. Multiplies CVE response cost.

CATEGORY

ccs_no_owner

Critical Cyber Systems flagged but lacking a documented owner in CMDB. TSA SD 1580 §3.B violation.

12 / 14PLUGS INTO WHAT YOU OWN

No rip-and-replace. Orchestration above your tools.

The pilot stands up alongside everything you already run. Connectors are read-only on the source side; only the Executor agent writes — and only through tools you already operate.

SCANNERS · IT
Qualys VMDR · Tenable.io · Rapid7 InsightVM · Wiz · Microsoft Defender VM
SCANNERS · OT
Claroty xDome · Nozomi Networks · Dragos
INTEL FEEDS
NVD · CISA KEV · EPSS · ICS-CERT · GHSA · Project Glasswing
PSIRTs
Microsoft · Cisco · Siemens · Wabtec · Red Hat · Palo Alto · Hitachi Rail
CMDB
ServiceNow · Device42 · iServer
PATCH · IT
Microsoft SCCM / Intune · Tanium · BigFix · Ansible · Puppet · Chef
PATCH · NETWORK
Cisco Catalyst Center · Palo Alto Panorama · Cisco Firepower
PATCH · CLOUD
AWS Systems Manager · Azure Arc · GCP OS Config
PATCH · OT
Tenable OT Security · Claroty SRA · vendor-native firmware tooling
IDENTITY
Microsoft Entra ID · Okta · Ping · for IAM-aware remediation (roadmap)
ITSM
ServiceNow · Jira Service Management · BMC Helix
SIEM / GRC
Splunk ES · Microsoft Sentinel · Elastic Security · Archer · MetricStream
13 / 14PILOT ARCHITECTURE

What 90 days inside your environment looks like.

Mythal runs in a dedicated tenant — SaaS or single-VM on-prem appliance. Read-only into your scanners and CMDB. Write only through the patch tools your team already operates, gated by OPA policy and your approvers.

   ┌─────────────────────────────────────────────────────────────────────┐
   │  YOUR ENVIRONMENT                                                   │
   │                                                                     │
   │   ┌─────────────┐  ┌─────────────┐  ┌─────────────┐                 │
   │   │   Qualys    │  │  Defender   │  │  Claroty    │ ← scanners      │
   │   └──────┬──────┘  └──────┬──────┘  └──────┬──────┘   (read-only)   │
   │          │   read-only    │                │                        │
   │          ▼                ▼                ▼                        │
   │   ┌───────────────────────────────────────────────────┐             │
   │   │     Mythal Tenant (your VPC or on-prem)     │             │
   │   │   Postgres · Redis · Agent fabric · Policy gate   │             │
   │   └─────────────────────────┬─────────────────────────┘             │
   │                             │                                       │
   │            ┌────────────────┼────────────────┐                      │
   │            ▼                ▼                ▼                      │
   │   ┌─────────────┐  ┌─────────────┐  ┌─────────────┐                 │
   │   │    SCCM     │  │  Panorama   │  │ Claroty SRA │ ← patch tools   │
   │   │   (you)     │  │   (you)     │  │   (you)     │   (you operate) │
   │   └─────────────┘  └─────────────┘  └─────────────┘                 │
   │                                                                     │
   │   ┌─────────────┐  ┌─────────────┐  ┌─────────────┐                 │
   │   │ ServiceNow  │  │   Splunk    │  │   Archer    │ ← ITSM/SIEM/GRC │
   │   │   (you)     │  │   (you)     │  │   (you)     │   (we feed)     │
   │   └─────────────┘  └─────────────┘  └─────────────┘                 │
   └─────────────────────────────────────────────────────────────────────┘
14 / 14DECISIONS · TO MOVE FORWARD

Two yeses. One introduction.

A bounded engagement designed to produce an internal advocate and a measurable result before any commercial discussion.

YES 1 · SCOPE

One IT segment + one OT zone

Pilot scope. Roughly 2,000 IT assets and 100 OT assets is enough surface for a complete demonstration of the closed loop and the veto path. Production roll-out scales the same pattern.

YES 2 · TIMELINE

90 days, engineering at-cost

Stand up in 30. Operate for 30. Auditor + broker walkthrough in the last 30. Joint go / no-go decision at day 90. No commercial commitment until you say green.

INTRODUCTION

Auditor & cyber-insurance broker

We want the evidence package validated against your auditor's expectations and the attestation reviewed against your renewal cycle. Both unlock measurable year-one ROI ($1.2–2.4M premium relief at typical Class I scale).

Reference pricing post-pilot: $750K–$3M ACV scoped by estate size and integration breadth. On-prem appliance option ships in M9+1. Madhu Uppalapati · Next-Era LLC · sentinelgrid@next-era.dev