ENISA gains Anthropic Mythos access

- Anthropic moved to give the EU cybersecurity agency ENISA access to Claude Mythos Preview through Project Glasswing on June 1, according to Bloomberg.
- Anthropic said Project Glasswing partners have found more than 10,000 high- or critical-severity vulnerabilities using Mythos in roughly one month.
- Anthropic said it will publish more detail after patches are deployed widely under its coordinated vulnerability disclosure process.

Anthropic is moving to give the European Union Agency for Cybersecurity, or ENISA, access to Claude Mythos Preview through Project Glasswing, its controlled testing program for advanced cyber models, according to Bloomberg. The step would make ENISA the first EU body brought into the initiative before any wider release of the model. Anthropic launched Project Glasswing on April 7 to let selected organizations use Mythos on critical software in defensive security work. Anthropic said on May 22 that about 50 partners had already used the model to find more than 10,000 high- or critical-severity vulnerabilities.

### What exactly is ENISA getting access to?

Project Glasswing is Anthropic’s program for giving selected organizations early access to Claude Mythos Preview, a model the company says is aimed at securing critical software for the AI era. Anthropic says the launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks, along with more than 40 additional organizations that build or maintain critical software infrastructure. (bloomberg.com)

Bloomberg reported on June 1 that Anthropic planned to let ENISA join that group, with the decision communicated to the European Commission over the weekend. Heise, citing Bloomberg and comments from EU officials, reported that ENISA and the Commission had confirmed discussions, though conditions and timing were still being negotiated. (anthropic.com)

### Why does Mythos matter more than a normal security model?

Microsoft said on April 22 that recent AI models can autonomously discover weaknesses, chain lower-severity issues into end-to-end exploits, and produce proof-of-concept code. Anthropic has framed Mythos in similar terms by limiting access and placing it inside a defensive program rather than releasing it broadly. (bloomberg.com)

Anthropic said on May 22 that the bottleneck in software security is shifting. “Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI,” the company wrote in its Project Glasswing update. Anthropic also said most partners had each found hundreds of high- or critical-severity vulnerabilities, and Cloudflare alone had found 2,000 bugs, including 400 high- or critical-severity issues, across critical-path systems. (microsoft.com)

### Is this only about finding bugs, or also about exploitation?

Microsoft said the new class of models can both discover vulnerabilities and help build working exploit chains, which is why companies and governments are treating access as a controlled security matter rather than a standard product rollout. Anthropic’s own public description of Glasswing says partners are using Mythos “as part of their defensive security work,” but the company has also said the model changes the urgency of protecting critical infrastructure. (anthropic.com)

That matters for ENISA because the agency’s role is not just product testing. If ENISA gets operational access, it would be evaluating a model that can sit inside real security workflows: finding flaws, helping validate them, and informing remediation and disclosure. That is an inference from Anthropic’s and Microsoft’s descriptions of current use, not a public statement from ENISA about its exact evaluation plan. (microsoft.com)

### Why was EU access a separate issue?

Heise reported that EU officials had been pressing for access since Mythos was introduced in April, while Anthropic had cited the model’s unusually strong vulnerability-finding performance and misuse risk as reasons for limiting access. The same report said one live issue in the talks was how far Anthropic’s access to EU systems would extend when European bodies use Mythos. (anthropic.com)

Bloomberg reported that the European Commission had held meetings with Anthropic and welcomed the latest development. That places the ENISA access question inside a broader negotiation over who gets to use frontier cyber models, under what controls, and with what visibility into sensitive systems. (heise.de)

### What changes for companies watching this?

Anthropic said Glasswing is built around organizations responsible for infrastructure “billions of people depend on,” and Microsoft said its own strategy is to pair leading models with enterprise-grade security platforms rather than rely on a single model. Those statements show that frontier cyber models are being folded into governed security programs, not treated as standalone assistants. (bloomberg.com)

For companies, the immediate issue is process. Anthropic said disclosed vulnerabilities remain a lagging indicator because details are being withheld until patches are available or widely deployed under standard disclosure timelines, typically around 90 days from discovery or about 45 days after a patch becomes available. Anthropic has said it will provide more detail on Mythos findings once patches are widely deployed. (anthropic.com)

ENISA’s participation, if finalized, would add an EU public-sector cybersecurity body to the group testing the model through Project Glasswing. (anthropic.com)
