Anthropic today announced it is expanding Project Glasswing, its collaborative defensive cybersecurity initiative, with participation of some 150 new organizations to continue work on making AI models more secure.
The goal of Project Glasswing is to help organizations scan their code for vulnerabilities, using the Claude Mythos Preview model. When Anthropic developed the model, the company soon saw that it was finding vulnerabilities more quickly than humans could and also showed how to exploit them. The first 50 or so companies that have deployed the model found more than 10,000 high- or critical-severity flaws, according to the company. Now, about 150 new organizations — all of which provide critical infrastructure that if attacked would be catastrophic and affect more than 100 million people worldwide, Anthropic said — will have access to Mythos preview.
In a blog announcement of the expansion of Project Glasswing, Anthropic wrote: “Mythos Preview continues a long-term trend that we’ve been warning about for some time: within 6 to 12 months, we expect that many other AI companies will have Mythos-class models, and they could release them without safeguards that prevent misuse. In that world, cyberattacks could occur much more often, and in much more unpredictable forms. It’s imperative that cyberdefenders adapt to maintain pace.”
Mythos-class models are surfacing a large number of vulnerabilities that organizations now need to move quickly to verify, disclose the patch them. They can also do pen-testing to see how those vulnerabilities might be exploited, as well as performing automated threat detection and response, and rebuilding legacy code in memory-safe languages, the company said.
To help organizations meet that challenge, Anthropic is working to release generally the capabilities within Mythos, and is expanding Project Glasswing further by prioritizing cloud and infrastructure providers, widely adopted critical open source projects and safety testers. The company is releasing the tools it developed to support the Project Glasswing partners’ efforts to find vulnerabilities more quickly, and it created Claude Security, which uses Anthropic’s frontier public models, such as the recently released Claude Opus 4.8, to scan code and suggest patches. And, the company is ramping up its Cyber Verification Program that it said will “grant Mythos-class capabilities to many more organizations for specific cyberdefense tasks.”
Anthropic caught some flack when it first released Mythos to a select few companies to work with, as many within the industry felt it should have been immediately shared widely to help defend against attacks. But because of the ability to show how vulnerabilities could be exploited, the company didn’t want it exposed to potential bad actors.
Jeff Williams, founder of OWASP and founder of Contrast Security, said in a statement to SD Times: “The obvious point is that this puts massive new stress on security teams that were already underwater. AI is turning vulnerability discovery into an industrial-scale activity, but most organizations still remediate at human speed. Maybe this is what the ecosystem needed to finally get serious about application security risk, but we should be honest: we have many painful years of catch-up work ahead. Finding more vulnerabilities does not make software safer unless we can validate, prioritize, fix, test, and deploy at the same pace.
“That’s why runtime protection has rapidly become a critical compensating control for organizations that cannot keep up with remediation — which is basically everyone,” Williams continued. “If AI accelerates vulnerability discovery for both defenders and attackers, organizations need a way to reduce exploitability now, not after the backlog clears. The winning strategy is not just “scan faster.” It is knowing what is actually running, what is exposed, what is under attack, and how to prevent exploitation while remediation inevitably lags behind discovery. In the long term, we will need to reinvent our appsec workflows. Most organizations are still trying to use AI to solve yesterday’s problems like scanning and patches. I believe that we can use AI to finally do activities like threat modeling, security architecture, and assurance that will help us achieve “secure-by-design.” Standardizing security controls will make getting the code right the first time much more likely, and simplify verification to catch anything that strays from the “paved road.” This is how we get off the “penetrate-and-patch” hamster-wheel of pain.”
