Anthropic expands AI security program to shield critical global infrastructure

Anthropic said Tuesday it is expanding its Project Glasswing program, which uses artificial intelligence to help secure critical software systems.

The company said the initiative gives selected organizations access to Claude Mythos Preview, an AI tool that scans codebases to identify security vulnerabilities.

In early April, the program launched with around 50 partners, who have since used the model to scan their codebases and have "so far found more than 10,000 high- or critical-severity security flaws."

Anthropic said it is adding approximately 150 new organizations to the program, each of which must meet security requirements before gaining access.

The new participants are based in more than 15 countries and include organizations that provide critical infrastructure across sectors such as power, water, health care, communications and hardware. Many are vendors, companies or nonprofits that maintain codebases relied upon by other organizations, including governments.

Anthropic said that for most partners, a successful attack on their codebase could affect more than 100 million people, with implications for national and global security.

The company said the expansion follows collaboration with existing Project Glasswing partners, the security industry, open-source software maintainers and the US government.

It also warned that "cheap, fast AI models with powerful cyber capabilities are around the corner," and that similar systems could become widely available within six to 12 months, including to malicious actors, making it essential for cyberdefenders to adapt.

To support organizations, Anthropic has also launched Claude Security, a product that uses its publicly available models to scan codebases and suggest patches. It said additional tools developed for trusted security teams will be made available on request.

Anthropic said it plans to continue expanding Project Glasswing, including increasing geographical reach and scaling up related cybersecurity initiatives.

It added that future efforts will focus on helping the industry adapt to advanced AI systems and improving vulnerability detection, disclosure and patching processes.

"If we're successful, we hope to enable a permanent advantage for defenders," the company said.