Test

AI Governance

Anthropic Mythos and Project Glasswing: A New Tier System for Cyber Defense

Anthropic's Mythos model and Project Glasswing split global cyber defense in two. Why brand manufacturers are on the wrong side of the asymmetry.

C Carlos Martínez Barriga 5 min read
Dark server room with blue network lights illustrating Anthropic Mythos AI cybersecurity model and Project Glasswing restricted access tier
Anthropic’s Mythos and Project Glasswing reshape who sees vulnerabilities first.
Table of contents

Executive summary

  • Anthropic’s Mythos model surpasses all but elite humans at finding software vulnerabilities and has already flagged thousands of high-severity bugs across major OSes and browsers.

  • Project Glasswing limits access to roughly 40 firms — AWS, Apple, Cisco, CrowdStrike, Google, Microsoft, Nvidia, Palo Alto Networks, JPMorgan Chase among them. Zero European banks, governments or cyber agencies are inside.

  • For brand manufacturers running aging ERP, MES and SCADA stacks, the asymmetry — not the model — is the operational risk.

Anthropic has quietly built the most consequential cybersecurity asset of the year, and most of the world cannot touch it. Mythos, a frontier model tuned for vulnerability discovery, is being released through a controlled program named Project Glasswing. The list of who is in tells you more about the next decade of cyber defense than any product page.

What Project Glasswing actually is

Glasswing is not a beta. It is a tier. Anthropic confirmed access for around 40 organisations: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks form the technical core. JPMorgan Chase is the only confirmed financial institution. Dario Amodei met senior Trump administration officials at the White House to discuss expansion, and the answer was a hard no: the administration blocked a proposed extension to roughly 70 additional organisations, citing national-security concentration risk and raw compute capacity.

The US Treasury was reportedly seeking access. EU finance ministers are pushing publicly. Operational technology vendors — the firms running industrial controls for utilities, refineries and factory floors — have voiced what Nextgov bluntly described as annoyance at being shut out.

Why this is a manufacturer problem, not a Big Tech problem

Inside the 40, Mythos becomes a pre-emptive intelligence layer. Patches arrive before exploits. Outside the 40, every codebase is effectively a research environment for the same techniques, since vulnerability classes Mythos discovers will eventually surface in adversary tooling. Rest of World reports that no European bank, government or cybersecurity agency is currently in the program. That is not a footnote. That is the map.

Brand manufacturers sit in the most exposed quadrant of this map. Their ERP installations are often a decade old. Their MES and SCADA layers were architected before AI red-teaming existed. Their suppliers run on shared portals nobody has fuzzed at scale. None of those systems will be tested by Mythos under Glasswing terms — they will be tested by whatever appears in the wild three to nine months later.

Epinium data

Across the 60+ brand manufacturers we’ve supported in 5+ years, the average IT/ERP stack contains 14+ years of compounded legacy code — exactly the surface AI vulnerability scanners like Mythos are tuned to expose first.

The asymmetry every CISO should plan around

Glasswing creates a two-speed defense economy. Speed one: hyperscalers and a handful of partners patch silently using model-discovered findings. Speed two: everyone else inherits a more hostile threat surface without the corresponding telescope. The strategic question is not whether to wait for access. It is how to compress the window between disclosure and remediation when you are structurally on the slow side of the asymmetry. For a deeper view of how legacy stacks compound this risk, see our analysis of AI-era IT readiness.

What is Anthropic’s Mythos model?

Mythos is a frontier model from Anthropic specialised in identifying and exploiting software vulnerabilities. According to Anthropic, it has already discovered thousands of high-severity flaws, including in every major operating system and browser. It is currently distributed only through Project Glasswing.

Who has access to Project Glasswing?

Around 40 organisations, including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. JPMorgan Chase is the only confirmed financial institution. No European bank, government or cyber agency has been confirmed as a participant.

Why did the White House block expansion?

Senior administration officials cited national-security concentration risk and limited compute capacity if access were extended to roughly 70 additional organisations. The decision keeps the program tight while the US Treasury and EU counterparts continue requesting entry.

Does Mythos affect brand manufacturers directly?

Yes, indirectly but materially. Manufacturers rarely sit inside Glasswing, yet their ERP, MES and SCADA systems share code lineages with software the model is auditing. Vulnerability classes surfaced privately today often appear in public exploit kits within months.

What should manufacturer IT teams do now?

Inventory legacy components, map exposure to vendors who are inside Glasswing, accelerate patch cadences, and treat AI-assisted red-teaming as a baseline control rather than a future capability. The defensive gap is widening faster than annual budget cycles.

Glasswing will not stay this small forever, but the precedent — that frontier security intelligence is allocated by treaty, not by purchase — is the durable change. The manufacturers that prepare for the asymmetry, rather than for the eventual access, are the ones who will not show up in next year’s breach list.

Worried your legacy stack is about to be a liability? Mythos-class scanners will keep widening the gap between defenders inside Glasswing and everyone else, and manufacturer ERP/MES estates are the softest target in that gap. See how Epinium Transform audits AI-era vulnerability exposure →

#ai cybersecurity #ai governance #anthropic mythos #manufacturer it #project glasswing #vulnerability discovery