AI Shifts the Focus of Cybersecurity from Troubleshooting to Fixing Them
One of the biggest challenges in cybersecurity has always been finding vulnerabilities before attackers do. A growing number of security experts now say artificial intelligence is changing that equation, shifting the focus from discovering vulnerabilities to quickly remediating those vulnerabilities to prevent exploitation.
Anthropic’s Project Glasswing: A Paradigm Shift
At the center of this transformation is Anthropic’s Project Glasswing, a cybersecurity initiative that provides select organizations access to Claude Mythos Preview, an advanced AI model for identifying software vulnerabilities and potential attack paths.
According to Anthropic, Project Glasswing has expanded to more than 150 organizations in over 15 countries and has helped identify more than 10,000 high or critical severity vulnerabilities in participating organizations and software projects. The figures were disclosed by the company in materials describing the initiative.
BT Group Joins the Initiative
The program recently gained additional attention when BT Group became the first UK company to publicly join the initiative. According to BT and reports from TechRadar, the telecommunications company plans to use the technology to strengthen defenses across its networks and customer systems. BT said it is currently fending off around 4 million cyberattacks every day.
AI Models: A Broadening Trend in Cybersecurity
The development reflects a broader trend in which AI companies are positioning advanced models as cybersecurity tools for governments, critical infrastructure operators, and large corporations.
According to Anthropic, Project Glasswing participants include organizations in sectors such as telecommunications, healthcare, energy, and government. The company also lists major technology and financial companies, including Microsoft, Google, Apple, Nvidia, Amazon Web Services, CrowdStrike, Cisco, and JPMorgan Chase, as participants or collaborators in cybersecurity efforts.
The Promise and Perils of AI in Cybersecurity
Security experts say one of the most significant benefits of AI is its ability to quickly analyze large code bases and identify relationships between vulnerabilities that may be difficult for human analysts to detect.
According to a Wall Street Journal report, Visa executives involved in the initiative said the Claude Mythos Preview model can connect multiple, lower-severity vulnerabilities into realistic attack chains, helping defenders identify risks that might otherwise go unnoticed.
But the promise of the technology comes with concerns about misuse.
Anthropic has explained that Claude Mythos Preview is not generally available because the same features that can help defenders identify vulnerabilities could potentially help attackers locate vulnerabilities more efficiently. The company said access was limited to verified organizations due to concerns that advanced cybersecurity models could be used for objectionable purposes if widely distributed.
Future Implications and the Ongoing Debate
These concerns have become increasingly important as governments and regulators examine the security implications of border AI systems. Anthropic has positioned Project Glasswing as a defensive cybersecurity initiative while maintaining restrictions on public access to the underlying model.
The result is a growing debate about whether AI’s biggest impact on cybersecurity is to strengthen defenses, make attacks more sophisticated, or both.
Currently, proponents of the technology argue that AI is helping companies address a long-standing problem: the inability to identify and remediate vulnerabilities quickly enough. As technology continues to improve, cybersecurity experts say the bottleneck may no longer be finding bugs but figuring out which ones need to be fixed first.
Updates on Project Glasswing are available here on the Anthropic website.
About the Author
John K. Waters is the Editor-in-Chief of a number of Converge360.com websites focused on high-end development, AI, and future technology. He has been writing about cutting-edge technologies and Silicon Valley culture for more than two decades and has written more than a dozen books. He also co-wrote the documentary “Silicon Valley: A 100 Year Renaissance,” which aired on PBS. He can be reached at [email protected].
“`
