Anthropic's Glasswing scrutiny

Anthropic’s new cybersecurity club is drawing antitrust scrutiny after ProMarket argued its members could end up controlling who gets the fastest fixes. (promarket.org) Anthropic announced Project Glasswing on April 7, saying it would give launch partners early access to Claude Mythos Preview to find and fix vulnerabilities in critical software. Anthropic named Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks as launch partners. (anthropic.com) Anthropic said the program also extends access to more than 40 additional organizations that build or maintain critical software infrastructure, with up to $100 million in usage credits and $4 million in donations to open-source security groups. Reuters reported on April 7 that the model remains unreleased to the public and is limited to defensive cybersecurity work. (anthropic.com) (reuters.com) The basic idea is simple: use a powerful model to scan code for hidden flaws before criminals do. Anthropic said Claude Mythos Preview had already helped identify vulnerabilities across hardware and software at a pace it called beyond older security methods. (anthropic.com) ProMarket’s April 22 article argued that this kind of closed coordination can trigger classic antitrust questions when rivals share sensitive information and outsiders do not get the same access. The piece pointed to Section 1 of the Sherman Antitrust Act, which bars some combinations in restraint of trade, including certain information-sharing arrangements and group boycotts. (promarket.org) That question lands at a moment when large technology companies are already under pressure over how artificial intelligence infrastructure is governed. In ProMarket’s telling, a private group of dominant firms handling critical security functions without formal public oversight creates a competition problem as well as a safety plan. (promarket.org) Anthropic and its supporters frame the same arrangement as a defensive response to a fast-moving cyber threat. Senator Mark Warner said on April 7 that he applauded the companies for sharing information, capabilities, and computing capacity to protect critical infrastructure as threat actors adopt artificial intelligence tools. (warner.senate.gov) The public record on Glasswing’s results is still thin. VulnCheck said on April 15 that 75 Common Vulnerabilities and Exposures records mention Anthropic, 40 credit Anthropic researchers, and only one was explicitly attributed to Project Glasswing itself. (vulncheck.com) That leaves regulators, rivals, and customers weighing two facts at once: Anthropic has assembled a small roster of companies with early access to a powerful security model, and the evidence available so far does not yet show how much of the promised defensive gain comes from the closed structure itself. (anthropic.com) (vulncheck.com)