Anthropic is reportedly altering its earlier policy regarding the dissemination of information uncovered through its powerful cybersecurity-focused artificial intelligence model known as Mythos. According to a report by Reuters, the company has announced that users of the Mythos cybersecurity model will now be permitted to share cyber threat intelligence with other organizations that may encounter similar security risks. This policy shift comes as Anthropic expands testing of the unreleased Claude Mythos Preview model under a controlled initiative called Project Glasswing. The program involves major technology firms such as Amazon, Microsoft, Nvidia, and Apple, as reported by Reuters.
Anthropic Loosens Sharing Restrictions
Anthropic introduced Mythos on April 7 as part of Project Glasswing, a restricted cybersecurity initiative that enables selected organizations to utilize the advanced AI model for defensive security operations. The model's sophisticated coding capabilities reportedly grant it an unusually strong aptitude for identifying cybersecurity vulnerabilities and even developing methods to exploit them. Last week, Anthropic informed participating organizations that they are generally allowed to publicly disclose their involvement in Project Glasswing and share findings, tools, code, and best practices developed through the initiative.
“We fully support our partners sharing findings with each other and companies outside of Glasswing to triage vulnerabilities,” an Anthropic spokesperson said in a statement quoted by Reuters. The spokesperson added, “While there was never a specific Glasswing NDA, confidentiality protections were something partners asked for at the outset and were built into agreements partners signed.”
Why Anthropic Changed Its Approach
Reuters reported that the earlier confidentiality protections were implemented because participating companies desired safeguards before sharing sensitive cybersecurity findings and were concerned about becoming targets for attackers. Anthropic now states that the program has matured sufficiently to permit broader sharing of information for defensive purposes.
“As the program has matured, we've adapted them to ensure key information can be shared broadly – including outside the program – for maximum defensive impact,” the spokesperson told the news agency. According to Reuters, Anthropic indicated that partners may now share cybersecurity findings with security teams at other companies, regulators, government agencies, open-source developers, industry groups, and even the media, while still adhering to responsible disclosure practices.
