US cyber agency use Anthropic
Published on
5 min read

U.S. Cyber Agency Taps Anthropic’s Mythos for Government Code Audits

In Focus

  • CISA is deploying Mythos to examine code repositories in government software
  • Mythos deployment in CISA is being led by the Attack Surface Evaluation Team
  • The AI model uncovered software vulnerabilities in government systems last month

The U.S. cyber agency is reportedly using Anthropic’s Claude Mythos to audit software across government systems. The Cybersecurity and Infrastructure Security Agency (CISA) is deploying Mythos to examine code repositories and identify software flaws that could potentially be exploited by cybercriminals or foreign intelligence actors.

Why is CISA Using Mythos to Identify Vulnerabilities?

Mythos is an advanced cybersecurity AI model designed to uncover security weaknesses in computer networks and software systems. The AI model helps cybersecurity teams to detect and fix software vulnerabilities before cybercriminals can exploit them to carry out large-scale, damaging attacks.

The hacking risks posed by Mythos caused Anthropic to postpone its public launch. However, the AI firm initially provided about 70 selected tech companies and financial institutions access to the cybersecurity model under the Project Glasswing initiative. In June, the AI firm added 150 partners across 15 countries to Project Glasswing to test the AI model.

Last month, Anthropic’s Mythos identified vulnerabilities in secure, highly sensitive U.S. government computer systems. A government official said the AI model flagged specific software vulnerabilities within hours during testing on U.S. government systems but did not exploit them.

How Will CISA Deploy Mythos in Government Systems?

In CISA, the Mythos deployment is being led by the Attack Surface Evaluation Team. This team is responsible for conducting digital security assessments and authorized penetration testing across government systems. News about CISA using Anthropic’s Mythos first emerged on July 6.

The move is the latest indication that demand for Mythos cybersecurity AI model among government agencies continues to rise despite the contentious standoff between Anthropic and the White House.

Earlier this year, President Donald Trump’s administration barred Anthropic from defense contracts after the company denied the Department of Defense unrestricted access to its models without safeguarding against domestic surveillance and autonomous targeting. A court blocked the ban in March, allowing the company to continue pursuing government work.

CISA joins a growing list of agencies that plan to use Mythos to address cybersecurity threats. access Mythos. Recently, Anthropic agreed to grant the EU access to Mythos through the bloc’s cybersecurity agency, the European Union Agency for Cybersecurity (ENISA). Anthropic has also granted Mythos access to the AI Security Institute in the U.K.

What Does CISA’s Mythos Use Means for Anthropic?

CISA’s adoption of Mythos reinforces Anthropic’s growing position as a leader in advanced cybersecurity AI. Application of Mythos in government security operations gives the cybersecurity model credibility and positions it as a tool that can identify complex software vulnerabilities at scale.

The deployment also highlights the rising demand for Anthropic’s AI models among organizations in the public-sector. As more government agencies and cybersecurity bodies explore Mythos, Anthropic’s standing in the race to develop AI systems for critical infrastructure protection continues to grow.

James Hughes
Scroll to Top