New Delhi, April 8
Anthropic announced Project Glasswing, a new initiative that brings together Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks in an effort to "secure the world's most critical software." The collaborative effort comes as AI models reach a level of coding capability that allows them to find and exploit software vulnerabilities more effectively than most humans.
According to a statement by Anthropic, the project was formed because of capabilities observed in Claude Mythos² Preview, a general-purpose, unreleased frontier model. According to the company, this model has already identified thousands of high-severity vulnerabilities in major operating systems and web browsers.
"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back. Our foundational work with these models has shown we can identify and fix security vulnerabilities across hardware and software at a pace and scale previously impossible. That is a profound shift, and a clear signal that the old ways of hardening systems are no longer sufficient," said Anthony Grieco, SVP, & Chief Security & Trust Officer at Cisco.
Anthropic committed up to USD 100 million in usage credits for the Mythos Preview model to support the project and 40 additional organisations. The statement noted that the "current global financial cost of cybercrime is estimated at roughly USD 500 billion annually." The project aimed to use AI for defensive purposes like local vulnerability detection and penetration testing, before these capabilities proliferate to unsafe actors.
"At AWS, we build defences before threats emerge, from our custom silicon up through the technology stack. Security isn't a phase for us; it's continuous and embedded in everything we do. We've been testing Claude Mythos Preview in our own security operations, applying it to critical codebases, where it's already helping us strengthen our code," said Amy Herzog, Vice President and CISO at Amazon Web Services.
As part of the initiative, Anthropic donated USD 2.5 million to Alpha-Omega and OpenSSF and USD 1.5 million to the Apache Software Foundation. The company also engaged in ongoing discussions with US government officials regarding the model's offensive and defensive capabilities.
"As we enter a phase where cybersecurity is no longer bound by purely human capacity, the opportunity to use AI responsibly to improve security and reduce risk at scale is unprecedented. Joining Project Glasswing, with access to Claude Mythos Preview, allows us to identify and mitigate risk early and augment our security and development solutions so we can better protect customers and Microsoft," said Igor Tsyganskiy, EVP of Cybersecurity and Microsoft Research at Microsoft.
Anthropic planned to report publicly on the vulnerabilities fixed and improvements made within 90 days. Following the research preview, the model will be available to participants at rates of USD 25 per million input tokens and USD 125 per million output tokens.
"Google is pleased to see this cross-industry cybersecurity initiative coming together and to make Mythos Preview available to participants via Vertex AI. It's always been critical that the industry work together on emerging security issues, whether it's post-quantum cryptography, responsible zero-day disclosure, secure open source software, or defense against AI-based attacks," said Heather Adkins, VP of Security Engineering at Google.
- ANI
Reader Comments
We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.