Back

As Mythos Expands What Detection Can’t See, Daylight Launches Managed Threat Hunting

Maya Rotenberg
Maya Rotenberg
April 23, 2026
News
As Mythos Expands What Detection Can’t See, Daylight Launches Managed Threat HuntingBright curved horizon of a planet glowing against the dark backdrop of space.Bright curved horizon of a planet glowing against the dark backdrop of space.

New security service combines agentic execution with expert-driven methodology to close detection gaps and make continuous threat hunting possible.

[New York, April 23] — Daylight Security today announced the launch of its new managed agentic threat hunting service, the first offering that makes continuous threat hunting at scale possible. As AI-driven threats and AI-based attack discovery systems like Mythos expand what attackers can discover and exploit, detection alone can no longer keep up, thus making continuous threat hunting a necessity rather than a luxury.

The launch comes as security leaders face a fundamental shift in how they must protect their organizations. The emergence of AI-driven attack capabilities and AI-driven attack discovery systems is expanding the scope of what attackers can discover and exploit, increasing the likelihood of activity that remains undetected. Combined with modern architectures spanning cloud, identity, SaaS, and endpoint systems, this is exposing a critical gap: detection alone cannot provide complete visibility.

As a result, organizations must now operate under a new assumption: detection will never be complete, and unknown activity is inevitable.

“Security teams can no longer rely solely on alerts to understand what’s happening in their environment,” said Hagai Shapira, co-founder and CEO of Daylight Security. “Threat hunting is no longer a periodic activity, it’s a required layer of security. The challenge is that it has never been possible to run it continuously. Until now.”

From Detection to Continuous Validation

Traditional security models are built around detection and response, surfacing known threats through security alerts and detection rules and investigating them after the fact. While essential, this model leaves a critical gap: it cannot investigate what is not being detected, especially as AI-driven attack discovery systems like Mythos expand the range of potential attack paths and unknown behaviors.

Threat hunting addresses this gap by actively searching for hidden or undetected activity. However, in most organizations, it remains limited by time, talent, and scale.

In practice, threat hunting plans often consist of extensive lists of hypotheses that teams intend to investigate, but only a small fraction are ever executed. As a result, large portions of the environment remain untested.

Daylight’s Managed Agentic Threat Hunting service is designed to close this gap by enabling continuous validation across the entire environment, actively testing for what detection systems may be missing.

A New Model: Expert Led, Agentic Execution

Daylight combines expert-defined threat hunting methodology with an agentic execution system to run investigations at scale.

Daylight introduces a fundamentally new model for threat hunting, one that removes the current limitations of time, talent, and scale.

Security experts define hypotheses and analyses, while a coordinated swarm of agents executes the investigation process end-to-end. This includes querying data, iterating through findings, refining datasets, and determining outcomes, without requiring manual execution.

Unlike traditional approaches that rely on predefined playbooks, Daylight’s system adapts each investigation dynamically based on the data, enabling deeper and more accurate analysis.

The service supports two complementary approaches:

  • Hypothesis-based threat hunting, designed to uncover unknown or undetected threats
  • IOC-based threat hunting, used to validate exposure to known threats

Together, they provide continuous coverage across both known and unknown threat vectors.

From Occasional Activity to Continuous Coverage

By removing the dependency on analyst time and scaling execution through an agentic system, Daylight enables organizations to run threat hunting continuously rather than occasionally.

For the first time, organizations can continuously test their environment for undetected threats, rather than relying on periodic, manual hunts.

This allows multiple hypotheses to be tested in parallel across large environments, with investigations completed in minutes instead of weeks.

Each hunt produces a clear outcome, either disproving the hypothesis or identifying activity that requires further investigation, while maintaining full transparency and auditability.

Customer Impact

Early adopters report a shift from periodic, resource-constrained hunting efforts to continuous validation of their environments.

“Mythos and platforms like it make one thing clear: organizations must operate with an assume-breach mindset,” said Itay Livne, CISO at Sixt. “Detection alone will never be perfect, especially as new vulnerabilities emerge. That makes continuous threat hunting essential - but at enterprise scale, speed is now just as critical as coverage. Until recently, achieving both simply wasn’t feasible.”

Table of contents
Example H2
Example H3
form submission image form submission image

Ready to escape the dark and elevate your security?

button decoration
Get a demo
moutain illustration
Cookie Notice

We use cookies to improve your experience on our website. By continuing to browse, you agree to our use of cookies.

Got it