What Claude Mythos Is and Why Project Glasswing Matters
Claude Mythos is Anthropic’s class of advanced AI models designed to find and explain software vulnerabilities at scale, turning raw code analysis into prioritized, human-actionable security insight. This focus on Claude Mythos vulnerabilities contrasts with traditional software vulnerability scanning tools that rely on static signatures and known patterns. Through Project Glasswing, Anthropic first gave about 50 organizations controlled access to Mythos Preview, positioning it as a specialized engine for AI security threat detection rather than a general-purpose chatbot. Now that Glasswing is expanding to roughly 200 Project Glasswing partners overall, the initiative signals a shift in how large software producers think about securing critical codebases. Instead of periodic, narrowly scoped audits, early adopters are experimenting with continuous, AI-assisted reviews aimed at catching subtle flaws across entire portfolios before attackers find them.
Cisco’s Massive Code Scan Shows Mythos-Scale Ambition
Cisco’s early work with Claude Mythos Preview illustrates the model’s scale. The company reports that Mythos and other frontier models, including OpenAI’s GPT 5.5-Cyber, scanned 1.8 billion lines of code in eight weeks across more than 25 programming languages. Cisco estimates the same task would have taken its advanced security team eight years using traditional methods. Anthony Grieco, who leads Cisco’s security and trust organization, said the “real breakthrough” is the “scale, quality, and impact” of the findings, noting a false positive rate under 3 percent when paired with a human-guided review process. While Cisco has not disclosed how many flaws the models found or how many have been fixed, its public praise suggests that AI security threat detection is moving from small pilots to central infrastructure for large engineering teams.
Glasswing’s Expansion: 150 New Partners and a Wider Security Net
Anthropic’s expansion of Project Glasswing to approximately 150 new organizations, bringing participation to around 200 partners in about 15 countries, marks a sharp rise in demand for AI-driven software vulnerability scanning. Initial members included cloud, chip, and security giants; the new wave broadens that footprint to sectors like power, water, healthcare, communications, and hardware. Many newcomers are vendors maintaining codebases that other organizations and governments rely on, which amplifies the impact of any vulnerabilities Mythos uncovers. Anthropic says Mythos Preview has already found “thousands of high-severity vulnerabilities,” including issues in every major operating system and web browser, and partners have collectively identified more than 10,000 high- or critical-severity flaws in their own code. This growing partner ecosystem shows Claude Mythos evolving into a specialized security layer within Anthropic’s wider AI platform.
TrendAI and the Push From Discovery to Remediation
TrendAI, the enterprise AI security unit of Trend Micro, joined Project Glasswing to connect Claude Mythos vulnerabilities directly to real-world defense. The company plans to use Mythos Preview to review and analyze software code, helping researchers turn accelerated vulnerability discovery into coordinated disclosure and prioritized remediation. That includes integrating findings into vulnerability shielding and virtual patching so customers see measurable risk reduction rather than raw issue counts. TrendAI describes the acceleration of AI-driven discovery as a positive signal for the industry, fitting into a broader collaborative ecosystem around defensive security. Anthropic, for its part, says its role is not only to help partners find flaws, but also to “shift the support we provide, from finding vulnerabilities to disclosing, fixing, and deploying patched software,” hinting at a future workflow where Mythos feeds directly into patch pipelines.
From Experimental Tool to Enterprise Security Pillar
The fast adoption of Claude Mythos for AI security threat detection shows that many enterprises are willing to accept some risk of AI errors in exchange for breadth and speed. Anthropic itself warns that a successful attack on many partners’ codebases could affect more than 100 million people, underscoring why organizations are seeking new defenses. Concerns about AI reliability and false positives remain, but Cisco’s reported sub-3 percent false positive rate, when combined with human triage, points to emerging best practices. Project Glasswing partners are already sharing methods for triaging and operationalizing Mythos findings so they can be replicated widely. As more AI companies build Mythos-class models, Anthropic’s move to position Claude Mythos as a specialized security tool—rather than a general model used ad hoc—signals that AI-assisted software vulnerability scanning is quickly becoming a core pillar of enterprise security strategy.