Anthropic plans to open access to AI models for vulnerability detection in code
The company Anthropic announced plans to make its Mythos-class artificial intelligence models, capable of finding vulnerabilities in software code, publicly accessible. This could have a significant impact on global cybersecurity.
Anthropic’s Glasswing project, in which partners are given access to Mythos models, may change the approach to identifying threats in the cyber world. With these models, more than a thousand open-source projects have already been checked, leading to the detection of 23,019 potential vulnerabilities, of which 6,202 were classified as critical or high-risk. After manual verification, 1,587 vulnerabilities were confirmed, with 1,094 deemed critical. One such issue was a vulnerability in the cryptographic library wolfSSL, used by billions of devices.
Despite this, the company acknowledged that the openness of access to powerful tools might increase the risk of misuse and even complicate the cybersecurity market. Some developers have already expressed requests to slow down the reporting of discovered vulnerabilities as their teams cannot keep up with necessary updates and patches.
Anthropic announced its intention to expand access to Project Glasswing, particularly for the benefit of the US government and allied countries. The European Union is already collaborating with the company, discussing the implementation of the Mythos model for monitoring European companies and banks.
Experts note the potential of the Mythos model, which is also utilized by the US National Security Agency. Despite the caution and risks associated with the widespread application of artificial intelligence, this could enhance security levels in software development.
| Number of projects checked | 1000+ |
|---|---|
| Potential vulnerabilities | 23,019 |
| Critical and high-risk | 6,202 |
| Confirmed vulnerabilities | 1,587 |
| Critical and high-risk (confirmed) | 1,094 |
