Project Glasswing

What Is Project Glasswing?

Project Glasswing is an initiative launched by Anthropic in April 2026 to secure the world's most critical software for the AI era. Rather than releasing the company's most capable model — Claude Mythos — to the general public, Anthropic structured Glasswing as a controlled-access consortium that gives the defenders of essential systems early use of frontier vulnerability-discovery capabilities. The aim is to give defenders a head start of roughly 12–18 months before equivalent capabilities reach open-weights models that anyone can run locally. Glasswing is simultaneously a defense initiative, a governance experiment, and a template for how future frontier AI models may reach the world.

Launch Partners and Consortium

The launch consortium spans hyperscale cloud providers, hardware platforms, security vendors, financial institutions, and open-source stewards: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and Zscaler. Anthropic has extended access to roughly 40 additional organizations responsible for building or maintaining critical software infrastructure, including operating systems, browsers, kernels, cryptography libraries, and core financial-services platforms. The breadth of partners is unusual and deliberate — the project is engineered so that improvements in one defender's posture cascade into the supply chain of nearly every other digital system.

How It Works

Glasswing partners gain access to Claude Mythos Preview through a controlled deployment pathway with usage guardrails appropriate to cybersecurity defense. Mythos autonomously analyzes complex codebases to surface zero-day vulnerabilities and, in many cases, generate the patches required to remediate them. In its first weeks of operation, the project has already produced notable findings, including a 27-year-old flaw in OpenBSD and exploitable issues in every major operating system and web browser. Anthropic has committed up to $100 million in usage credits and $4 million in donations to open-source security organizations, recognizing that much of the world's critical infrastructure is maintained by under-resourced volunteer projects.

Why It Matters

Glasswing reframes how the most powerful AI systems can be deployed responsibly. The traditional release pattern — a public API or open-weights drop — hands attackers the same capabilities as defenders, with attackers free to pick the time and place of engagement. By contrast, Glasswing concentrates uplift on the defender side of dual-use AI, while denying access to the broader threat landscape for as long as possible. Industry analysts at IBM, the Council on Foreign Relations, and the Bloomsbury Intelligence and Security Institute have characterized the model as a likely template for governance of capabilities that exceed what existing AI regulation can constrain. Critics note that the approach concentrates power in a small consortium and depends on the security of Anthropic's own infrastructure remaining intact.

Position in the Broader Ecosystem

Glasswing operates alongside, not in place of, formal frameworks discussed in responsible AI — the NIST AI Risk Management Framework, ISO 42001, and the EU AI Act — and complements industry efforts in AI in cybersecurity. For organizations building on the agentic economy, Glasswing is also a preview of how agent-vs-agent dynamics will play out at internet scale: a structured way to keep defensive automation ahead of offensive automation during the window in which capability gaps are still wide. Whether that window can be sustained — and what replaces Glasswing once frontier capabilities diffuse — is one of the defining open questions of late-2020s AI governance.