Anthropic splits its bets

Anthropic spent April 8 and April 9 doing two opposite things at once: it opened a new business line for companies that want artificial intelligence agents to do long jobs for them, and it locked down a separate model that Anthropic says is unusually good at breaking software. (anthropic.com 1) (anthropic.com 2) The product side is called Claude Managed Agents, and it is a hosted service where Anthropic runs the agent for you instead of making your engineers build the plumbing themselves. The security side is called Project Glasswing, and it gives a small set of partners access to Claude Mythos Preview for defensive work rather than a public release. (anthropic.com 1) (anthropic.com 2) A managed agent is basically a software worker that keeps going after the first answer, like an intern who can open files, run code, use tools, and come back with updates over time. Anthropic’s quickstart says developers create an agent, create an environment, and then start a session that runs inside Anthropic’s cloud. (platform.claude.com) Anthropic says the hard part of this business is not the model alone but the “harness,” which is the loop that calls the model, routes tool use, and keeps long tasks alive. In its engineering post, the company says those harnesses go stale as models improve, so it wants customers to rely on stable interfaces while Anthropic keeps changing the machinery underneath. (anthropic.com) The company breaks that machinery into three pieces: a session, which is the running log of what happened; a harness, which is the control loop; and a sandbox, which is the execution box where code runs and files get edited. Anthropic says it built Managed Agents so those pieces can be swapped independently instead of living in one fragile container. (anthropic.com) The quickstart shows why Anthropic thinks enterprises will pay for this: one agent can be built on Claude Sonnet 4.6, given prebuilt tools including bash, file operations, and web search, and launched with a beta application programming interface header dated 2026-04-01. That turns “build an agent platform” into “call three endpoints.” (platform.claude.com) At the same time, Anthropic says its unreleased Mythos model crossed a different threshold. In the Glasswing announcement, the company says Claude Mythos 2 Preview can surpass all but the most skilled humans at finding and exploiting software vulnerabilities. (anthropic.com) Anthropic says Mythos Preview has already found thousands of high-severity vulnerabilities, including flaws in every major operating system and web browser. Its system card says the capability jump was large enough that Anthropic decided not to make the model generally available. (anthropic.com 1) (anthropic.com 2) So instead of shipping Mythos like a normal model launch, Anthropic is funneling it into a controlled program with named partners including Amazon Web Services, Apple, Cisco, Google, Microsoft, Nvidia, Palo Alto Networks, JPMorganChase, and the Linux Foundation. Anthropic also says more than 40 additional organizations that maintain critical software infrastructure will get access for scanning first-party and open-source systems. (anthropic.com) (anthropic.com) Anthropic is putting money behind that fence. The company says it will provide up to $100 million in Mythos Preview usage credits and $4 million in direct donations to open-source security organizations. (anthropic.com) The split is the story: Anthropic is selling agent automation more aggressively right as it is treating top-end cyber capability like controlled material. One Anthropic post invites developers to start sessions and ship products now, while another says its strongest cyber model is too dangerous for broad release and will stay inside a defensive channel. (platform.claude.com) (anthropic.com)