Project Glasswing — AI Has Crossed the Cybersecurity Threshold

// The Signal

AI Has Crossed a Threshold

Claude Mythos Preview is an unreleased frontier model — not a cybersecurity fine-tune, but a full generational leap. Its coding and reasoning capabilities happen to make it devastating at finding vulnerabilities that humans and automated tools have missed for decades.

"It will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout — for economies, public safety, and national security — could be severe."

— Anthropic

// What It Found

Decades of Hidden Flaws, Exposed in Weeks

Thousands of zero-day vulnerabilities across every major OS and browser. Found autonomously — no human steering. Three examples that made it past the patch disclosure window:

27

Years Hidden

OpenBSD

Remote crash of any machine just by connecting to it. OpenBSD is considered the most security-hardened OS on Earth — used for firewalls and critical infrastructure.

Found Autonomously

16

Years Hidden

FFmpeg

Automated testing tools hit the vulnerable line of code 5 million times without catching it. FFmpeg is used by innumerable applications to encode and decode video.

Found Autonomously

∞

Chained Exploit

Linux Kernel

Autonomously found AND chained together several vulnerabilities to escalate from ordinary user access to complete control of the machine. Linux runs most of the world's servers.

Found + Chained Autonomously

// The Model

Mythos Preview vs Opus 4.6

Not incremental improvement — a capability threshold crossing. The SWE-bench Pro jump (+24.4 pts) and Multimodal jump (+31.9 pts) represent a different class of model entirely.

Claude Mythos Preview

Claude Opus 4.6

SWE-bench Verified

93.9%

80.8%

+13.1

SWE-bench Multilingual

87.3%

77.8%

+9.5

BrowseComp

86.9%

83.7%

+3.2

CyberGym

83.1%

66.6%

+16.5

Terminal-Bench 2.0

82.0%

65.4%

+16.6

OSWorld-Verified

79.6%

72.7%

+6.9

SWE-bench Pro

77.8%

53.4%

+24.4

HLE (with tools)

64.7%

53.1%

+11.6

SWE-bench Multimodal

59.0%

27.1%

+31.9

// The Consortium

11 Partners. One Mission.

Plus 40+ additional organizations that build or maintain critical software infrastructure. Launch partners have had access for several weeks — already producing results.

CrowdStrike

Security

Elia Zaitsev, CTO

"The window between a vulnerability being discovered and being exploited by an adversary has collapsed — what once took months now happens in minutes with AI."

Day-one consortium partner. Falcon platform + Mythos-class scanning = structural competitive advantage.

Palo Alto Networks

Security

Lee Klarich, CPO & CTO

"This is not only a game changer for finding previously hidden vulnerabilities, but it also signals a dangerous shift where attackers can soon find even more zero-day vulnerabilities and develop exploits faster than ever before."

Hands-on with Mythos for weeks. Found complex vulns prior-gen models missed entirely.

Microsoft

Igor Tsyganskiy, EVP Cybersecurity & MS Research

Tested against CTI-REALM (open-source security benchmark) — "substantial improvements." Distribution via Microsoft Foundry.

Amazon Web Services

Amy Herzog, VP & CISO

Already applying to critical codebases in own security ops. Process 400 trillion network flows/day. Distribution via Bedrock.

Google

Heather Adkins, VP Security Engineering

Distribution via Vertex AI. Building own AI security tools (Big Sleep, CodeMender). Focus on post-quantum crypto and responsible disclosure.

JPMorganChase

Finance

Pat Opet, CISO

"Promoting the cybersecurity and resiliency of the financial system is central to JPMorganChase's mission."

Financial sector signal. When JPM moves, every other major bank follows within 2-3 quarters.

Cisco

Infrastructure

Anthony Grieco, SVP & Chief Security & Trust Officer

"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."

Linux Foundation

Open Source

Jim Zemlin, CEO

"Open source software constitutes the vast majority of code in modern systems, including the very systems AI agents use to write new software."

Receiving $2.5M for Alpha-Omega + OpenSSF. Maintainers can apply via Claude for Open Source program.

NVIDIA

Infrastructure

Launch partner. GPU compute powering Mythos inference at premium pricing.

Broadcom

Infrastructure

Launch partner. Networking and custom silicon for inference workloads.

Apple

Platform

Launch partner. Details pending.

// The Commitment

$104 Million Committed

$100M

Mythos Preview Usage Credits

$2.5M

Linux Foundation
(Alpha-Omega + OpenSSF)

$1.5M

Apache Software Foundation

5x

The Compute Signal

Post-preview pricing is $25/$125 per million tokens — 5x current Opus 4.6 pricing. Every cybersecurity scan running on Mythos creates 5x the inference compute demand. If AI vulnerability scanning becomes a standard enterprise workload, that's a permanent new demand stream at premium pricing — and it's recession-resistant because security budgets are mandatory, not discretionary.

// The Investment Thesis

Six Ways Glasswing Reshapes Markets

This isn't one thesis — it's a catalyst that validates and accelerates multiple conviction tracks simultaneously.

01

⚠

The AI Cybersecurity Arms Race

We are entering an AI-vs-AI cybersecurity era where the attack surface expands dramatically and only AI-native defense can keep pace. This reprices the entire cybersecurity TAM upward.

Every piece of software on Earth is now provably vulnerable — Mythos found flaws that survived 27 years of human review and 5 million automated tests
AI-powered attackers are coming. Every CISO in the consortium said this explicitly
Global cybercrime costs ~$500B/year — that number goes UP as AI lowers the skill barrier for attacks
Global cybersecurity spend (~$200B+) gets repriced upward because the threat model just fundamentally changed

Cybersecurity isn't a mature, slow-growth sector anymore. It just became a growth sector again.

02

🔒

Moat by Exclusive Access

Glasswing creates a new competitive moat — exclusive access to frontier AI capabilities that aren't publicly available. ~50 organizations inside the consortium can build products their competitors literally cannot replicate.

Mythos Preview is NOT being released to the public
CrowdStrike and Palo Alto Networks are inside the walls. SentinelOne, Fortinet, Check Point — they're not
New competitive axis: access to the best AI model for finding vulnerabilities — like having classified intelligence your competitors don't have
Even when Mythos-class capabilities eventually go broad, consortium partners have a multi-quarter head start on integration and institutional knowledge

CRWD PANW

The cybersecurity sector bifurcates. AI-native vendors with consortium access pull away. Legacy vendors become acquisition targets or fade.

03

⚡

The Compute Demand Multiplier

AI cybersecurity workloads create a NEW category of inference demand at premium pricing, amplifying the AI infrastructure supply chain.

Mythos pricing = $25/$125 per MTok — 5x current Opus pricing = 5x compute demand per token
AI vulnerability scanning as a standard enterprise workload = permanent new inference demand stream
ADDITIVE to existing AI training/inference demand — a net new workload category that didn't exist 6 months ago
Enterprise cybersecurity budgets are mandatory spend, not discretionary — this compute demand is recession-resistant

NVDA AVGO ANET AMD

AI demand is broadening beyond training into premium enterprise security workloads. The supply chain rotation is already being sniffed out.

04

🏢

Financial Sector Demand Wave

JPMorgan's CISO at the table signals a coming wave of AI cybersecurity spend across the entire financial sector.

Financial services is the #1 target for cyberattacks and the #1 spender on cybersecurity
When JPM moves, every other major bank follows — this is how enterprise security adoption works
Regulated industries will face new compliance pressure as Glasswing's policy recommendations roll out (90-day timeline)
CrowdStrike and Palo Alto Networks are the primary vendors for large financial institutions

CRWD PANW

The financial sector cybersecurity refresh cycle just got pulled forward. Enterprise revenue acceleration for the platform vendors.

05

🌎

Government + National Security Spend

Glasswing positions AI cybersecurity as a national security priority, unlocking government budget allocation.

Anthropic in ongoing discussions with US government officials about offensive AND defensive capabilities
State-sponsored threats from China, Iran, North Korea, Russia called out by name
Critical infrastructure (power grids, healthcare, banking, transport) all named as vulnerable
CrowdStrike already has FedRAMP authorization and government contracts

CRWD PANW LMT RKLB

Cyber defense is becoming as important as kinetic defense. LMT builds the missiles, CRWD/PANW build the AI cyber shields.

06

🔗

Open Source Supply Chain = New Market

Open-source software security becomes an enterprise-grade AI workload, creating a greenfield market opportunity.

Open source constitutes "the vast majority of code in modern systems" — including the systems AI agents use
Log4j and SolarWinds proved supply chain attacks are catastrophic
$4M in direct donations to open-source security organizations
Policy roadmap explicitly includes "supply chain security" and "patching automation"

AI-powered supply chain scanning is a massive greenfield enterprise opportunity. The maintainers who keep the internet running finally get serious tooling.

// The Convergence

One Catalyst. Four Conviction Tracks.

Cybersecurity

CRWD · PANW

Structural moat deepened via exclusive access. Demand repriced upward. Sector bifurcation begins.

AI Infrastructure

NVDA · AVGO · ANET · AMD

New premium workload category. 5x compute per token. Recession-resistant demand.

Defense

LMT · RKLB

Cyber becomes national security priority alongside kinetic defense. Budget allocation follows.

Cloud Platforms

MSFT · AWS · GOOG

Distribution channels (Foundry, Bedrock, Vertex AI) + own security product enhancement.

Time Horizons

Weeks

Narrative catalyst. Media coverage. Analyst notes. Market begins pricing the moat differential.

Quarters

Product integration announcements. Financial sector adoption wave. Government contract signals.

Years

Structural separation between AI-native and legacy security vendors. Legacy becomes M&A target or irrelevant.

// The Roadmap

What Happens Next

Now

Launch partners have had access for several weeks — already scanning critical codebases and finding vulnerabilities. Results are real.

90 Days

Anthropic publishes public report on findings, vulnerabilities fixed, and lessons learned. Policy recommendations begin rolling out.

Ongoing

Work planned for many months, growing in scope. Partners share best practices with each other.

Future

Safeguards ship with an upcoming Claude Opus model — then Mythos-class capabilities eventually enabled at scale.

Future

Cyber Verification Program opens for security professionals. Independent third-party body proposed to coordinate large-scale cybersecurity projects.

// Policy Roadmap

Recommendations Coming

Anthropic and partners will produce practical recommendations for how security practices should evolve in the AI era:

1 Vulnerability disclosure processes

2 Software update processes

3 Open-source & supply-chain security

4 Secure development lifecycle

5 Standards for regulated industries

6 Triage scaling & automation

7 Patching automation

"Securing critical infrastructure is a top national security priority for democratic countries — the emergence of these cyber capabilities is another reason why the US and its allies must maintain a decisive lead in AI technology."

— Anthropic