Anthropic has introduced Project Glasswing, a cybersecurity initiative aimed at using advanced AI models to identify and address vulnerabilities in critical software systems.
The effort brings together major technology companies and infrastructure providers to strengthen defenses across global digital systems. The initiative also references the glasswing butterfly (Greta oto), a symbol used to describe transparency and hidden vulnerabilities in complex systems.
Project Glasswing
Project Glasswing is a collaborative program involving Amazon Web Services, Google, Microsoft, Apple, NVIDIA, Cisco, CrowdStrike, Palo Alto Networks, Broadcom, JPMorganChase, and the Linux Foundation.
At the center of the initiative is Claude Mythos Preview, a frontier AI model developed by Anthropic for cybersecurity-focused applications. The term “Mythos” originates from Ancient Greek, meaning “narrative” or “utterance,” and reflects the system used to interpret complex patterns in data and code.
Key features
- Applies AI models to detect vulnerabilities across software systems
- Identifies previously unknown zero-day vulnerabilities
- Supports penetration testing and binary analysis workflows
- Enables black-box testing of applications and systems
- Assists in securing endpoints and infrastructure components
- Integrates with enterprise and open-source security processes
- Focuses on defensive cybersecurity applications
- Supports automation in vulnerability triage and detection
- Enhances secure software development and patching practices
Examples & Performance benchmarks
Claude Mythos Preview has identified thousands of high-severity vulnerabilities across major platforms, including operating systems and web browsers. Many of these were previously unknown to developers.
Examples include:
- A 27-year-old vulnerability in OpenBSD that could allow remote system crashes
- A 16-year-old vulnerability in FFmpeg not detected by extensive automated testing
- Multiple chained vulnerabilities in the Linux kernel enabling privilege escalation
These issues have been reported to maintainers and patched. Additional vulnerabilities are being disclosed securely using cryptographic hashes until fixes are released.
Benchmark results from CyberGym:
- Mythos Preview: 83.1%
- Claude Opus 4.6: 66.6%
Industry collaboration and partners
Project Glasswing involves a broad group of organizations working together to improve cybersecurity across critical systems. Along with primary partners, Anthropic has granted access to more than 40 additional organizations responsible for maintaining essential software infrastructure.
These participants use the model for vulnerability detection, system evaluation, and security testing across both proprietary and open-source environments, covering a significant portion of the global software attack surface.
Access, funding, and support
Anthropic has allocated up to $100 million in model usage credits to support Project Glasswing participants. These credits enable large-scale use of Claude Mythos Preview for research and defensive security tasks.
Additional support includes:
- $4 million in donations to open-source security organizations
- Contributions to Alpha-Omega and OpenSSF via the Linux Foundation
- Funding for the Apache Software Foundation
- Access pathways through the Claude for Open Source program
Claude Mythos Preview is available through platforms such as the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. After the preview phase, pricing is set at $25 per million input tokens and $125 per million output tokens.
Future roadmap and security focus
Project Glasswing is intended as a long-term initiative to adapt cybersecurity practices to evolving AI capabilities. Anthropic plans to work with industry partners, open-source contributors, and government stakeholders to improve security frameworks and safeguards.
Focus areas include:
- Vulnerability disclosure workflows
- Secure software development lifecycle practices
- Open-source and supply chain security
- Automated patching and triage systems
- Triage scaling and response automation
- Standards for regulated industries
Anthropic plans to publish a public report within 90 days summarizing findings and improvements. The company is also working toward enhanced safeguards for future models, enabling safer deployment of advanced AI systems while minimizing misuse risks. Discussions with government stakeholders are ongoing to address national security considerations.
Availability
Claude Mythos Preview is not available for general public release. Access is restricted to selected partners and approved participants in Project Glasswing. Eligible security professionals and maintainers can apply through the Cyber Verification Program and Claude for Open Source initiative to gain controlled access for defensive cybersecurity use cases.