What Is Project Glasswing?
Project Glasswing is a defensive cybersecurity initiative launched by Anthropic alongside Claude Mythos on April 7, 2026. It provides controlled, scoped access to Claude Mythos, Anthropic''s most capable AI model, to a consortium of leading organizations for defensive security purposes.
Rather than releasing Claude Mythos publicly, Anthropic chose to limit access to vetted organizations that can use the model''s advanced capabilities to defend systems, not attack them.
Why Anthropic Created Project Glasswing
Claude Mythos is described by Anthropic as capable of autonomously discovering and chaining exploits across every major operating system, web browser, and critical software stack. The model can find and weaponize zero-day vulnerabilities faster than human security researchers.
This capability profile presents an obvious dual-use risk. A model that can find vulnerabilities faster than defenders can patch them, in the wrong hands, is a threat multiplier.
Anthropic''s response was to treat Claude Mythos like a controlled substance: restrict access to vetted defensive users rather than releasing it into a market where offensive actors could access it freely.
Project Glasswing is the governance structure for that restricted access.
Who Are the Project Glasswing Partners?
The announced Project Glasswing partners include:
- Cloud infrastructure: AWS, Microsoft (Azure), Google Cloud
- Hardware: NVIDIA
- Endpoint security: CrowdStrike
- Consumer devices: Apple
- Open source: Linux Foundation
Anthropic provided $100 million in compute credits to support partner use of Claude Mythos within the program. Partners receive scoped API access designed for specific defensive use cases, not general deployment.
What Project Glasswing Partners Can Do With Claude Mythos
Access within Project Glasswing is scoped to defensive applications. Partners can use Claude Mythos to:
- Identify vulnerabilities in their own systems before attackers do
- Build automated threat modeling at a speed and depth not previously possible
- Test defensive controls against the same capabilities attackers might deploy
- Research zero-day vulnerability patterns in major software stacks
The program is explicitly defensive. Anthropic maintains audit and governance layers over how partners use Mythos capabilities.
What the June 2026 Export Control Directive Changed
On June 12, 2026, Anthropic suspended access to both Claude Fable 5 and Claude Mythos 5 following a US government export control directive. The directive has not been published in full, but the effect is that even Project Glasswing partners lost access to the Mythos 5 model tier.
This represents a significant escalation in government oversight of frontier AI models with cybersecurity capabilities. It is the first time the US government has used export control mechanisms to restrict access to a commercially developed AI model.
What Project Glasswing Means for Cybersecurity Vendors
The Defensible AI Security Market Is Real and Growing
Project Glasswing validates a market: enterprise organizations need AI-powered defensive security capabilities and are willing to work within controlled-access governance structures to get them. Cybersecurity vendors that position inside this market, offering AI governance, red team services, evaluation frameworks, or compliance tooling for AI-powered security operations, are addressing real and growing demand.
The Claude Compliance API Is the Commercial Layer
Alongside Project Glasswing, Anthropic''s Claude Compliance API connects Claude to 28 enterprise security platforms including CrowdStrike, Palo Alto Networks, Okta, and Zscaler. This commercial layer makes Claude''s security capabilities accessible without the restricted Mythos 5 tier.
Cybersecurity vendors building on or selling alongside the Claude Compliance API have a strong event topic: what these integrations mean for enterprise security operations in 2026.
The Export Control Directive Creates a Conversation Trigger
Any enterprise account that was evaluating or using Mythos 5 within Project Glasswing is now dealing with a disruption. That is a live buying signal for AI governance tools, model-agnostic workflow platforms, and enterprise AI resilience consulting.
LinkedOtter runs live events that turn moments like this into pipeline. Take the free 60-second check to see if event-led outbound fits your cybersecurity growth program.