The real question about Anthropic’s new Claude Mythos Preview AI model is whether it (and future models like it) will be more helpful to defensive cybersecurity or to hackers. To find out, Fast Company asked a number of cybersecurity pros.
Claude Mythos, released in “preview” on April 9, is Anthropic’s biggest and most capable frontier AI model. Anthropic researchers say that during its training, the model showed a unique ability to find security vulnerabilities deep within software code, then create exploits to gain administrator-level access to software systems, including operating systems.
Because of this, Anthropic says, Mythos is too dangerous to release to the public. But because similar AI models are likely on the way, it announced an industry initiative called Project Glasswing, for which it’s giving cybersecurity researchers at various companies and institutions access to the Mythos model so they can harden widely deployed software against AI-assisted attacks.
“What Anthropic is showing . . . is how quickly AI is getting to a place where it can identify vulnerabilities at scale,” says Marcus Fowler, CEO of Darktrace Federal. “When AI can find vulnerabilities at a speed and depth that materially changes how quickly weaknesses can be identified, it fundamentally accelerates the discovery of issues across both new and existing systems.”
Dean Ball, a senior fellow at the Foundation for American Innovation and former senior policy adviser for artificial intelligence and emerging technology under President Donald Trump, says that by getting early access to Mythos, cybersecurity researchers will have an advantage in the ongoing cold war with hackers.
“When the dust settles, Mythos and the similarly capable models that will follow it will go down as major achievements in the history of cybersecurity,” Ball tweeted Thursday. “The hardening they will do to all important global software is a gift from American capitalism given freely to the world, at our great expense.”
But Ball acknowledges in a message to Fast Company that there may be a time clock on the advantage Mythos confers. There’s a constant struggle between defensive cybersecurity people and cybercriminals (hackers) to use the latest software to their advantage. “There is always an equilibrium between offense and defense, and Anthropic is attempting to give defense a leg up by keeping Mythos in limited availability for now,” Ball says.
