When Machines Fight Machines: Why You need a Team of Agents

This weekend, the most powerful offensive AI model on the planet went dark.

On Friday evening, Anthropic disabled Mythos 5 and Fable 5 worldwide to comply with a US government export-control directive. A frontier lab built something so good at breaking into systems that the government treated it like a weapons-grade export. Mythos could be pulled because one company controls it, but the open-source models close behind answer to no one. Soon, a lone attacker will be able to point that kind of power at your company.

Facing this kind of threat, there is only one effective response. If attackers are running fleets of agents, defenders must run agents, too. But these can’t just be generalized agents. They must be a team of agents, built to work together, to keep up with the scale and complexity bad actors can use.

That is why today Lumos is introducing the first agent workforce built for cybersecurity, specialized to the layer where most attacks actually land: identity. The Identity Agent Force is an integrated team of AI agents that continuously governs access for every human and non-human identity in your company, including the AI agents your own teams are now deploying.

Never bring a knife to a gunfight

Cyber has always been asymmetric. A defender has to find and close as many holes as possible across the whole company. An attacker only needs one path in. That asymmetry was already brutal before AI, and a fleet of agents tilts it further. A hundred of them can probe for that single path around the clock. The defending team is the same group of people who fight tirelessly to keep their companies safe, but must eventually take a break. 

Trying to meet that fleet with the same security team you had last is like taking a knife to a gun fight. No security team, however good, can out-click or out-automate a hundred agents that never sleep.

These agents are tireless in trying to find a way in, and increasingly, they're doing it not through a hack, but by compromising a legitimate identity. Protecting these identities is harder than ever because there’s so much more to actually secure. A company used to mean employees and a handful of contractors. The same company now also runs thousands of non-human identities, like the service accounts and API keys that quietly execute its most critical workflows, alongside a new workforce of AI agents that its own human teams are deploying to take actions at machine speed. Every one of those is a credential an attacker's fleet can try to steal or abuse.

Attackers keep getting stronger while the number of identities they can target keeps multiplying. The IAM team in the middle stays the same size, and the tools in their arsenal are holding them back. Most companies already have SSO, and probably an identity provider with some automation layered on top. None of that can tell you who holds admin-level export rights in Snowflake, or which service account has been running on a standing key for three years with no owner attached to it. Those access questions pile up unanswered, and unanswered access questions are exactly what an attacker goes looking for. You will not hire your way out of that backlog. The only option is to fight fire with fire. Bring agents to the agent cyber battleground. That’s exactly why we launched the Identity Agent Force.

Agents do the work

Traditional identity management runs on human workflows. Most companies review privileged access across their applications once a quarter, even though that access changes many times a day. And when a human is handed thousands of rows of permissions to certify, they rubber-stamp all of it.

The Identity Agent Force changes the operating model underneath. Each agent runs continuously in the background, handling the routine access decisions on its own and pulling in a human only for the exceptions that genuinely need judgment. Equipped with 6 out-of-the-box agents that work together, humans aren’t drowning in manual identity work. Instead, they focus on the outliers and anomalies, hardening their security posture every step of the way.

The Access Review Agent, for example, works through an entire access certification by itself and surfaces only the handful of decisions a person actually needs to weigh in on. The Privilege Threat Hunter watches your non-human identities around the clock and kills the dormant or over-scoped service-account keys before an attacker stumbles onto them. When a team needs additional coverage they add another agent from the Identity Agent Force.

Dozens of companies already run these agents, including Personify Health, Stifel Bank, and Netskope. Their access reviews complete 3x faster and remove 2-7x as much standing access.

The Lumos Secret Recipe

In security, getting it 95% right is the same as getting it wrong. Catching an attacker means finding the one bad grant hidden in a haystack of a hundred thousand, where the bar is 99.99%. Simply bolting a chatbot onto an existing tool cannot deliver this kind of specificity or accuracy. An agent only works if it has ground truth underneath it, the piece most identity tools never built. Two things give our agents that ground truth: the data layer and the context layer.

The data layer is a live map of every identity and every permission in the company, down to the fine-grained access inside each app, so the system knows who can mass-export the customer database out of Salesforce and not just who can log in.

The context layer is a memory of how your company actually runs, down to who owns which service account and which approvals route through legal before anyone says yes. Lumos builds and maintains that context, so a newly deployed agent understands your business on its first day, not its hundredth.

Humans build the system

By nature, this changes the jobs for security professionals, too. In the agentic era, companies need an IAM AI Engineer, who builds and tunes the data and context layers that make the agents work.

As a result, the identity teams are far more strategic than ever before; they secure the new AI-human hybrid workforce, not just push tickets. Instead of approving the thousandth access request of the quarter, they set the policy the agents enforce: what good access looks like for a sales engineer, and where the company is willing to trade speed for caution.

When an agent hits a genuine edge case it escalates, a person with real context makes the call, and that call becomes a rule the whole force applies from then on. The work shifts from doing access by hand to designing how access should work, and the agents carry that design out across every identity, every day.

Where this goes next

Within a few years every company will run on a mix of human employees and AI agents. The winners will be the ones that figured out how to govern that mix safely without slowing the business down.

Pulling Mythos offline bought everyone a short reprieve, but the capability behind it is going to reappear in open models that no directive can reach. We built the Identity Agent Force for exactly this fight, and it is live today. If you carry the weight of identity at your company, this is the moment to build your own fleet, while you still have a little room to do it calmly.

Check it out at www.lumos.com

‍