Anthropic Ships $100M AI Cyber Defense to 12 Rivals
Project Glasswing unites AWS, Apple, Google, Microsoft, CrowdStrike, and seven other organizations with $100M in credits for Anthropic's restricted Mythos Preview model to patch critical infrastructure before attackers catch up.
6 min read
TL;DR
- Anthropic launches Project Glasswing with 12 partners: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks
- $100M in Claude Mythos Preview usage credits for participants, plus $4M in direct donations to open-source foundations
- The model is too dangerous for public release - access restricted to Glasswing partners and ~40 additional critical infrastructure organizations
- Cybersecurity stocks that crashed 5-11% on the March Mythos leak reversed course after the partnership announcement
- Anthropic will publish industry security recommendations within 90 days and pursue an independent governance body
Anthropic has convinced 11 of the world's largest technology and financial companies - several of them direct competitors - to join a cybersecurity coalition built around an AI model the company considers too dangerous for public release. Project Glasswing, announced April 7, gives these partners exclusive access to Claude Mythos Preview along with $100 million in API credits to find and patch vulnerabilities in software that runs critical infrastructure.
The coalition reads like a who's who of companies that normally compete on everything: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. That they're sitting at the same table tells you how seriously the industry is taking the cyber capabilities that emerged from Mythos.
The Money
The financial commitments break down into three tiers:
| Commitment | Amount | Purpose |
|---|---|---|
| Mythos Preview credits | $100M | Vulnerability scanning for Glasswing participants |
| Alpha-Omega / OpenSSF | $2.5M | Linux Foundation open-source security programs |
| Apache Software Foundation | $1.5M | Maintainer response capabilities |
The $100M in credits translates to real scanning capacity. At Mythos Preview's pricing of $25 input / $125 output per million tokens, that buys roughly 800 million output tokens - enough to audit significant portions of the world's most critical codebases.
Anthropic CEO Dario Amodei framed it as a starting point: "Glasswing is just the first step: patching and securing the world's software infrastructure will be the work of months and years."
Why These Partners
Each partner brings something specific to the table beyond their balance sheets.
CrowdStrike contributes threat intelligence on 280+ tracked adversary groups and its Falcon platform for endpoint detection. Its CTO put the urgency in plain terms: "The window between a vulnerability being discovered and being exploited by an adversary has collapsed - what once took months now happens in minutes with AI."
AWS is already deploying Mythos Preview in its security operations to "strengthen critical codebases." The model is available through Amazon Bedrock for approved organizations.
Google is making Mythos Preview accessible through Vertex AI. Google DeepMind's own security work, including the Big Sleep vulnerability finder, gives the company direct context for evaluating Mythos's capabilities.
Microsoft tested Mythos against its proprietary CTI-REALM security benchmark and reported "substantial improvements compared to previous models." Access runs through Microsoft Foundry.
Palo Alto Networks confirmed that Mythos "identifies complex vulnerabilities that previous models missed entirely."
The Linux Foundation is channeling the open-source donations through Alpha-Omega and OpenSSF. CEO Jim Zemlin called Glasswing "a credible path to changing that equation" between attackers and defenders, and "how AI-augmented security can become a trusted sidekick for every maintainer."
JPMorganChase is the lone financial institution in the launch group - an acknowledgment that banking infrastructure is a primary target for the kind of exploit chains Mythos can discover.
Market Reversal
The financial markets have whiplashed on this story twice.
When Mythos leaked in March, cybersecurity stocks dropped hard. CrowdStrike fell 6.73%. Palo Alto Networks lost 4.30%. The iShares Cybersecurity ETF shed 4.5%. Investors read the leak as a threat: if AI can find zero-days at scale, then the entire defensive security industry faces disruption.
The Glasswing announcement flipped the narrative. CrowdStrike posted its best single-day performance in six months. Palo Alto Networks surged. The market logic: Anthropic isn't releasing Mythos to the public. It's channeling the model through existing security vendors, making them more valuable rather than obsolete. The partners aren't being disrupted. They're being armed.
The Pentagon Shadow
The timing is impossible to ignore. Anthropic is building a global cybersecurity alliance at the exact moment the US Defense Department is trying to shut the company out of government procurement.
The Pentagon designated Anthropic a "supply chain risk" after the company refused to allow Claude for autonomous weapons targeting and mass surveillance. Federal Judge Rita Lin issued a preliminary injunction blocking the resulting ban, calling it "classic illegal First Amendment retaliation." The Trump administration appealed to the Ninth Circuit on April 6 - one day before Glasswing launched.
By partnering with AWS (which holds the Pentagon's JEDI successor contract), Microsoft (Azure Government), and NVIDIA (the backbone of military compute), Anthropic is demonstrating strategic value to national security through a side door. The message to Washington is implicit but clear: banning Anthropic doesn't just punish the company, it weakens a defensive capability no one else is currently providing.
Open-Source Maintainers
A separate "Claude for Open Source" program lets maintainers of critical projects apply for dedicated Mythos Preview access and support resources. Greg Kroah-Hartman, the Linux kernel maintainer, confirmed the shift is already tangible: "Something happened a month ago, and the world switched. Now we have real reports."
Daniel Stenberg, who maintains curl, echoed the sentiment - AI security reports went from junk to actionable findings requiring real time to process.
But there's a concern embedded in this success. Flooding volunteer maintainers with hundreds of legitimate critical bug reports could overwhelm the exact people Glasswing is meant to help. A 10-person open-source project doesn't have a security response team. It has one person who also writes the documentation.
The 90-Day Clock
Anthropic committed to publishing industry security recommendations within 90 days covering:
- Vulnerability disclosure processes
- Software update mechanisms
- Open-source and supply-chain security
- Secure development lifecycle practices
- Sector-specific standards for regulated industries
- Triage and patching automation
The company's longer-term vision is an independent third-party body - combining private and public sector organizations - to oversee large-scale cybersecurity AI deployment. Anthropic says it is in ongoing discussions with CISA and the Center for AI Standards and Innovation.
The Strategic Play
Project Glasswing is simultaneously a security initiative, a business development move, and a policy argument.
As a security initiative, it addresses a real and urgent problem. Mythos found vulnerabilities that have been hiding for decades - bugs that automated tools and human researchers missed for 27 years.
As business development, it locks 12 major organizations into Anthropic's ecosystem at a moment when those same companies are evaluating which AI vendor to standardize on. The $100M in credits creates switching costs. The security partnerships create institutional relationships.
As a policy argument, it makes the Pentagon's attempt to blacklist Anthropic look strategically incoherent. You can argue about whether Anthropic should build weapons. It's harder to argue the company should be banned from helping defend the infrastructure those weapons are meant to protect.
Alex Stamos's warning hangs over all of it: "We only have something like six months before the open-weight models catch up." If that timeline is right, Glasswing is less a strategic play and more a fire drill with twelve companies trying to patch the building before someone else figures out how to light the match.
Sources:
