On April 7, Anthropic launched Project Glasswing — a restricted security initiative pairing its most powerful AI model, Claude Mythos, with a select group of enterprise partners for defensive cybersecurity work. The model is not available to the public, and Anthropic says it intends to keep it that way for now.
The reason: Anthropic describes Mythos as “currently far ahead of any other AI model in cyber capabilities” and believes its offensive potential is too significant to release broadly.
What Claude Mythos Can Actually Do
In internal testing, Mythos autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD (CVE-2026-4747) with no human involvement after receiving just the initial prompt. It also flagged thousands of zero-day vulnerabilities across major operating systems and browsers, many of them critical.
Anthropic’s own assessment is stark: Mythos “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”
That is not marketing language. It is a warning — and the reason the company chose a controlled rollout over a standard launch.
Who Gets Access
Project Glasswing launched with eight named enterprise partners: Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks. An additional 40 organisations are also gaining access through the programme.
The programme is focused explicitly on defensive applications: finding and patching vulnerabilities before attackers can exploit them. The model works alongside security teams, not in place of them.
Why a Major AI Lab Is Choosing Restraint
This is unusual. The competitive dynamics of the AI industry create strong pressure to ship. Every week of delay is a week a competitor can close the gap.
Anthropic is absorbing that cost deliberately. The decision to restrict Mythos access signals something important: the gap between what frontier AI can do in the hands of defenders versus attackers is real enough that even the lab building the model is worried about the asymmetry.
This is not the first time an AI lab has flagged dual-use risks, but it may be the clearest public example of a lab withholding a commercial product because of genuine concern about offensive misuse.
What This Means for Business
For security teams: AI-assisted vulnerability discovery is now real, not hypothetical. If you have not started thinking about how AI fits into your security workflow — both as a defensive tool and as something adversaries will use — the window to get ahead of this is narrowing.
For IT and infrastructure leaders: The naming of Amazon, Apple, Broadcom, Cisco, CrowdStrike, Microsoft, and Palo Alto as launch partners is significant. These are the companies that underpin enterprise technology stacks. That they are the first in line to work with the most capable offensive AI model in existence tells you where this is heading.
For business leaders watching AI development: The Mythos situation is a preview of a recurring tension. As AI capabilities accelerate, the distance between “powerful enough to be genuinely useful” and “powerful enough to be genuinely dangerous” keeps compressing. How labs, regulators, and enterprises navigate that gap will shape how AI gets deployed over the next few years.
For everyone deploying AI in operations: The fact that Anthropic’s most capable model is being reserved for controlled enterprise use — not consumer use — reinforces a pattern we keep seeing. Frontier AI is increasingly an enterprise-first product. The capabilities going into business deployments are not the same as what is available in consumer apps.
Anthropic’s Mythos is not the last model that will prompt this kind of controlled rollout. OpenAI confirmed as much two days later, announcing its own restricted Trusted Access for Cyber product built on GPT-5.3-Codex — a direct signal that the industry is aligning around controlled deployment rather than open release for its most capable cybersecurity AI. The question for business leaders is not whether this affects them — it is how quickly the capabilities currently locked behind these programs become standard across the industry.
If this is the kind of problem agents can help with, the free Working With Claude field guide is the practical next step. Thirty-two pages, no fluff. Get the free guide.
Source
VentureBeat
Free Resource
Going deeper with Claude?
Get the free 32-page implementation guide for ANZ teams.
Your guide is ready
Check your downloads folder. If it did not open automatically, use the button below.
Download the Guide