Anthropic says its early cybersecurity initiative, Project Glasswing, is already giving security teams a head start against emerging threats as the company expands access to its newest frontier model, Claude Mythos Preview, for defensive work across critical software systems.
The company described the effort as an “initial update” to a program launched to help protect some of the world’s most important software infrastructure at a time when AI tools are rapidly changing the cyber threat landscape. Project Glasswing was designed as a limited, tightly controlled collaboration between Anthropic and a group of major technology and infrastructure organizations, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks.
According to Anthropic, the initiative is intended to evaluate how frontier AI can be used on the defensive side of cybersecurity, especially for systems that underpin cloud services, operating systems, enterprise software, open-source packages and other critical digital infrastructure. The company said the model has already demonstrated strong capability in code analysis, vulnerability discovery and software repair — tasks that can be extraordinarily time-consuming for human teams working at internet scale.
Early findings and broader access
Anthropic said Project Glasswing is not only being used by launch partners, but has also been extended to more than 40 additional organizations that build or maintain critical software infrastructure. Those groups can use the system to scan both their own code and open-source components for weaknesses.
The company said it is committing up to $100 million in usage credits for Claude Mythos Preview across these efforts, along with $4 million in direct donations to open-source security organizations. That funding is meant to help maintainers and defenders keep pace with a rapidly evolving threat environment while researchers learn how best to deploy frontier AI safely in real-world security workflows.
Anthropic’s stated goal is to share what it learns with the broader industry so that lessons from the project can improve defensive practices beyond the participating organizations. In its announcement, the company emphasized that it wants to understand not only what the model can do, but also how it should be governed, monitored and constrained when used in cybersecurity operations.
A model built for coding and agentic tasks
Claude Mythos Preview, the model at the center of the project, is described by Anthropic as its most capable system yet for coding and agentic tasks. The company says that capability is directly relevant to cybersecurity because a model that can understand, modify and reason about complex software can also help identify flaws in that software.
Anthropic has argued that the same strengths that make frontier models productive software tools can also make them valuable defensive security instruments. In the company’s view, AI systems that can inspect codebases, trace logic paths, test exploitability and suggest patches may eventually help defenders reduce the time between vulnerability discovery and remediation.
At the same time, the company’s decision to keep the model in a gated preview reflects the risks involved. Anthropic has said previously that the model is not being released broadly because of its cyber capabilities, highlighting the tension between expanding legitimate defensive use and limiting access to tools that could be misused by attackers.
Why the initiative matters
Project Glasswing arrives as governments, infrastructure providers and security teams confront a new reality: AI can accelerate both cyber defense and cyber offense. Security researchers have long used automation to find bugs, but frontier models can now assist with deeper code understanding, faster exploit development and more effective vulnerability chaining.
That shift has raised concern among defenders that attackers may soon have access to tools capable of uncovering and weaponizing weaknesses at a scale and speed that outpaces traditional patching cycles. Anthropic says Project Glasswing is meant to buy defenders time by using advanced AI to identify and fix vulnerabilities before they can be exploited widely.
Open-source software is a particular focus. Because so much of the world’s digital infrastructure depends on open-source libraries and maintainers often work with limited resources, even a small vulnerability in a widely used package can have outsized consequences. Anthropic’s donations to security organizations and its access for maintainers reflect recognition that this part of the ecosystem is both essential and under strain.
Industry implications
The partnership list itself underscores the scale of the issue. Cloud companies, chipmakers, enterprise software vendors, financial institutions and major open-source stewards all have a stake in preventing vulnerabilities from spreading through the stack. By bringing those stakeholders together, Anthropic is positioning Project Glasswing as an experiment not just in AI, but in collective cyber defense.
Still, analysts say the initiative raises difficult questions about access, oversight and long-term risk. If a frontier model can help defenders find flaws, it may also create incentives for adversaries to push for similar capabilities. Balancing security research, responsible deployment and broad safeguards will likely become a central issue as more powerful models enter cybersecurity workflows.
Anthropic says it plans to continue the program and publish what it learns, suggesting that Project Glasswing is as much a research effort as an operational defense tool. For now, the company is presenting the initiative as an early example of how AI may be used to strengthen the software ecosystem before attackers gain the upper hand.
With critical infrastructure under constant pressure and AI systems becoming more capable by the month, Project Glasswing may offer an early glimpse of the next phase of cybersecurity: one in which the race to secure software is increasingly shaped by the same technology that could be used to break it.