What Is Claude Mythos Preview? Why Anthropic Limited Its Rollout

Home
Blog
What Is Claude Mythos Preview?...

TL;DR

Claude Mythos Preview is Anthropic’s most capable frontier model to date, but it is not being opened for broad public use.
Anthropic says the model has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser.
Instead of a standard rollout, Anthropic launched Project Glasswing, a controlled initiative that gives access to selected partners and over 40 additional organizations maintaining critical software infrastructure.
The bigger story is not just model performance. It is that frontier AI capability now forces companies to think about governance, runtime controls, visibility, and secure deployment from day one.

Introduction

Most AI product launches follow a familiar script. A company announces a more capable model, benchmarks go up, and developers immediately ask when they can access the API.

Anthropic’s Claude Mythos Preview breaks that pattern.

Anthropic has positioned Mythos Preview as a general-purpose, unreleased frontier model with unusually strong performance in coding, reasoning, and cybersecurity. At the same time, the company says it does not plan to make Mythos Preview generally available right now. Instead, it launched Project Glasswing, a controlled initiative designed to put the model to work in defensive cybersecurity with a small set of partners and critical infrastructure organizations.

That makes Claude Mythos Preview important for a reason beyond benchmarks. It signals that AI capability has reached a point where access, risk, deployment governance, and enterprise readiness are no longer separate conversations. They have the same conversation.

What Is Claude Mythos Preview?

Claude Mythos Preview is Anthropic’s newest frontier model, described by the company as a general-purpose, unreleased model that reveals how far coding and cybersecurity capability have advanced. Anthropic’s own framing is direct: AI models have now reached a level where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.

The benchmark story reinforces that point. On Anthropic’s Project Glasswing announcement page, Mythos Preview outperforms Claude Opus 4.6 across several demanding tasks, including CyberGym, where it scores 83.1% versus 66.6%, SWE-bench Pro at 77.8% versus 53.4%, and SWE-bench Verified at 93.9% versus 80.8%. Anthropic also reports stronger performance on Humanity’s Last Exam, GPQA Diamond, OSWorld-Verified, and BrowseComp.

This is why Mythos should not be treated like a normal incremental model update. Anthropic is presenting it as a step change in capability, especially where coding, autonomy, and cyber reasoning intersect.

Gemini 3.1 Pro vs Claude Opus 4.6

GLM-5 vs Claude Opus 4.6

Codex 5.3 vs Opus 4.6

MiniMax M2.5 vs Claude Opus 4.6

Composer 1.5 vs Claude Opus 4.6

Opus 4.6 vs Sonnet 4.6

Why Anthropic Is Limiting Claude Mythos Preview’s Rollout

The short answer is risk.

Anthropic says Mythos Preview has already identified thousands of high-severity vulnerabilities, including some in every major operating system and every major web browser. Its Frontier Red Team blog goes further, saying the model has shown the ability to identify and exploit zero-day vulnerabilities across major operating systems and browsers, and that even engineers without formal security training were able to ask the model to find remote code execution flaws and wake up to a working exploit.

That dual-use reality is the core reason the rollout is constrained. The same model that can help defenders surface and patch vulnerabilities faster can also lower the cost and skill barrier for offensive cyber use. Anthropic explicitly says it does not plan to make Claude Mythos Preview generally available and wants to develop stronger safeguards before enabling Mythos-class models at scale.

This is a meaningful moment for the AI industry. For years, the main public debate around frontier models focused on intelligence, pricing, context windows, and app-building potential. Mythos shifts the center of gravity toward controlled deployment. When a model becomes powerful enough to materially change vulnerability discovery and exploit development, open availability stops being the default assumption.

What Is Project Glasswing?

Project Glasswing is Anthropic’s answer to that problem.

Anthropic is not just limiting access to Claude Mythos Preview. It is also funding the conditions needed for that access to be useful. The company has committed up to $100 million in usage credits so Glasswing participants can run the model at meaningful scale across defensive security workflows such as vulnerability discovery, endpoint protection, and penetration testing. In parallel, it has pledged $4 million in direct donations to open-source security organizations, including support through the Linux Foundation and the Apache Software Foundation, so the maintainers of critical open-source software are better equipped to respond to the faster, more demanding security environment that advanced AI models are beginning to create.

The stated goal is straightforward: use Mythos Preview for defensive security work before similar capabilities spread more broadly. Anthropic says participating organizations will focus on tasks such as local vulnerability detection, black box testing of binaries, securing endpoints, and penetration testing of systems that represent a large portion of the world’s shared cyberattack surface.

This matters because Glasswing is more than a partner program. It is a deployment model. Anthropic is effectively saying that some frontier capabilities should first be introduced through tightly scoped, security-oriented workflows with organizations that can act on the results responsibly.

What the Claude Mythos Materials Reveal

The most interesting part of the Mythos story is not only that the model is strong. It is that Anthropic has been unusually explicit about why that strength changes the safety and deployment equation.

Anthropic’s risk-report and system-card materials describe Mythos Preview as the best-aligned model it has released to date, while also saying it likely poses the greatest alignment-related risk of any model it has released so far. That sounds contradictory until you look at the logic behind it: a more capable, more autonomous model can be more aligned in ordinary use and still create higher-stakes failures when something goes wrong.

That distinction is crucial for enterprise readers. AI risk is not just about whether a model is helpful in a chat window. It is also about what happens when that model runs for longer periods, uses tools, touches codebases, accesses internal systems, and operates with more autonomy than earlier generations.

Anthropic’s Frontier Red Team blog also makes clear that the company views Mythos as a watershed moment for security, not merely a benchmark win. Over 99% of the vulnerabilities it found had not yet been patched at the time of writing, which is why Anthropic limited public disclosure and called for coordinated defensive action across the industry.

Why Claude Mythos Matters Even If You Cannot Use It

Most businesses will not be able to use Claude Mythos Preview right now because Anthropic is only giving access to selected organizations. But that does not make it unimportant. In fact, it makes it even more worth paying attention to.

The bigger message is that advanced AI is no longer just a tool for writing emails, summarizing documents, or helping developers work faster. It is starting to affect serious areas like cybersecurity, where it can change how quickly problems are found, how much work can be done, and how much protection a company needs.

This also changes how businesses should think about AI agents. The hard part is no longer just building an AI agent that can complete tasks. The real challenge is making sure that agent works safely inside your business. That means deciding what it is allowed to access, tracking what it does, setting limits on its actions, and making sure people can step in if something goes wrong.

In simple terms, Claude Mythos Preview matters because it shows where enterprise AI is heading. In the future, companies will not just need powerful AI tools. They will also need strong rules, controls, and monitoring around how those tools are used.

The Enterprise Implications of Claude Mythos Preview

The biggest lesson for businesses is this: making the AI model itself safe is only one part of the job. That alone is not enough.

The bigger risk starts when a powerful AI system is connected to real business tools and data, like your codebase, cloud systems, internal software, support tickets, or company databases. At that point, the issue is no longer just about the model. It becomes a business operations and security issue. Companies need to decide what the AI can access, what actions it can take, who can approve those actions, and how to track everything it does.

This creates a few practical challenges. First, AI agents can increase risk if they are connected to too many systems without proper limits. The more freedom an AI has, the more carefully a company needs to control what it is allowed to do.

Second, businesses need full visibility into how AI is being used. Security teams must know where the AI is running, what information it can see, what systems it touches, and what tasks it is performing. Trusting the model is not enough. Companies also need clear monitoring and records.

Third, security problems may move much faster now. With advanced AI, the time between finding a weakness and taking advantage of it can shrink dramatically. That means businesses may need to speed up how they identify, review, and fix security issues.

Finally, governance is becoming a real business requirement, not just a nice idea. The companies that benefit most from advanced AI will not simply be the ones using the most powerful tools. They will be the ones that use them carefully, with strong rules, clear controls, and disciplined security practices.

What CTOs and Security Leaders Should Do Now

You do not need direct access to Claude Mythos Preview to learn from what it shows.

The first step is to check where AI tools are already being used inside your business. Many companies are testing AI in areas like software development, customer support, and operations without fully knowing what those tools can access or what actions they can take.

The next step is to understand the difference between testing and real business use. Just because an AI tool works in a demo or small trial does not mean it is ready to be used safely in day-to-day operations. A production system needs proper rules, monitoring, and records so the business can trust and control it.

After that, companies need to build stronger controls around how AI is deployed. This means setting clear limits on what the AI can access, keeping track of what it is doing, requiring approvals for sensitive actions, and storing logs so problems can be reviewed later if something goes wrong.

Finally, businesses should prepare for a future where attackers also use advanced AI. Even if Claude Mythos Preview itself is tightly restricted, the bigger message is that AI-powered cyber capabilities will keep improving. That means companies should start preparing now, instead of waiting until these risks become more common.

Conclusion

Claude Mythos Preview is not important because it is the next model most companies can adopt. It is important because it shows what happens when model capability outpaces ordinary deployment assumptions.

Anthropic’s decision to limit access, route usage through Project Glasswing, and focus on defensive cybersecurity is the real story. It tells us that the frontier of AI is no longer just about smarter models. It is about safer deployment, stronger governance, faster security response, and enterprise systems that are ready to handle highly capable AI in the real world.

The companies that benefit most from the next wave of AI will not just be the ones with early access. They will be the ones that can secure, govern, and operationalize these systems at scale.