RefProject Glasswing (Anthropic)

Project Glasswing (Anthropic)

Project Glasswing (Anthropic)

Consortium using Anthropic's Mythos frontier model to find and fix software vulnerabilities before attackers do.

Project Glasswing
  • Announcement: https://www.anthropic.com/glasswing
  • Model: Claude Mythos Preview (unreleased frontier model)
  • Partners: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks

Overview

Anthropic's Project Glasswing is a joint initiative with major industry and infrastructure players to use a powerful new model, Claude Mythos Preview, to secure the world's most critical software.

Key points from the announcement:

  • Mythos Preview is a general‑purpose, unreleased frontier model with state‑of‑the‑art vulnerability finding capability.
  • It has already found thousands of high‑severity vulnerabilities, including some in every major operating system and web browser.
  • Anthropic believes we're at a point where "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities."

Goals

  • Use Mythos Preview defensively to scan and secure first‑party and open‑source systems.
  • Get ahead of the risk that similar capabilities will proliferate to actors who do not deploy them safely.
  • Share lessons learned so the broader industry can benefit.

Commitments

Anthropic is:

  • Providing up to $100M in usage credits for Mythos Preview across launch partners and >40 additional critical‑software organizations.
  • Donating $4M directly to open‑source security organizations.

Partners will integrate Mythos Preview into their defensive security work, using it to:

  • Scan their own products and infrastructure
  • Help maintainers of critical open‑source projects find and fix vulnerabilities

Cybersecurity Context

The announcement emphasizes:

  • Critical software (banking, healthcare, logistics, energy, transport, government) already faces serious cyberattacks.
  • State‑sponsored actors (China, Iran, North Korea, Russia) have repeatedly targeted this infrastructure.
  • As AI models become strong vulnerability‑finders and exploiters, the attack surface and potential impact grow dramatically.

Glasswing is framed as an "urgent attempt" to put frontier AI capabilities to work for defense before offense.

Edit this page