Mythos AI Glossary and FAQ: Plain-EnglishDefinitions for Every Security Leader
Glossary
Mythos — Anthropic's frontier AI model, formally called Claude Mythos Preview, capable of autonomously discovering and weaponizing software vulnerabilities at machine speed.
Claude Mythos Preview — The official product name for Mythos. Released April 2026 with restricted access through Project Glasswing.
Anthropic — The AI safety company that developed Mythos. Founded in 2021, headquartered in San Francisco.
Project Glasswing — The industry consortium Anthropic launched to provide controlled defensive access to Mythos. Launch partners include Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks.
Zero-day vulnerability — A software flaw that is unknown to the software's developer and has no available patch. Mythos discovered more than 2,000 zero-days in seven weeks of testing.
Lateral movement — The technique attackers use to spread from an initially compromised system to other systems on the same network. The primary multiplier that turns a single breach into a major incident.
Breach containment — A defensive strategy focused on limiting how far an attacker can spread once they've gained access, rather than relying solely on prevention. Often used interchangeably with "blast radius reduction."
Zero Trust — A cybersecurity model based on the principle "never trust, always verify." No user, device, or workloadis implicitly trusted, regardless of network location.
Zero Trust Segmentation (ZTS) — The practical application of Zero Trust to network architecture. Also called microsegmentation. Divides networks into small, isolated zones with least-privilege communication policies between them.
Microsegmentation — A software-defined network segmentation technique that creates granular, workload-level security policies. The technical foundation of Zero Trust Segmentation.
Agentic AI — AI systems capable of planning,executing, and iterating on multi-step tasks autonomously. Mythos's agentic coding and reasoning capabilities are what differentiate it from earliermodels.
Big Sleep — Google's AI-powered vulnerability discovery system. Comparable defensive capabilities to Mythos in narrower scope.
CodeMender — Google's AI-powered automated patching system. Complements Big Sleep in defensive workflows.
GPT-5.4-Cyber — OpenAI's cyber-specialized frontier model with vulnerability discovery capabilities comparable to Mythos.
SWE-bench — A standard benchmark for evaluating AI model performance on real-world software engineering tasks. Mythos posts the highest scores yet recorded on SWE-bench Verified, Pro, and Multilingual.
AI Security Institute (AISI) — The UK government body that independently evaluated Mythos. Confirmed Mythos was the first AI model to autonomously compromise a simulated corporate network.
Andrew Rubin — Co-founder and CEO of Illumio. Frequent industry voice on the implications of AI-driven attacks for breach containment strategy.
Erik Bloch — VP of Information Security at Illumio. Quoted in industry publications on the dual-use nature of Mythos-class AI tools.
John Kindervag — The creator of the Zero Trust security model and Illumio's Chief Evangelist. Spoke at RSAC 2026 on cyber insurance and AI-era ransomware economics.
Jen Easterly — Former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Has publicly stated that cyber strategy and AI strategy can no longer be separate conversations.
Assume breach — A security posture that operates from the assumption that attackers will eventually succeed in gaining initial access. Drives investment toward containment and detection rather than prevention alone.
Blast radius — The scope of damage caused by a successful breach. The variable defenders most directly control through segmentation and containment.
Hybrid attack surface — The combined attack surface across an organization's on-premises, cloud, endpoint, and OT environments. Mythos-class threats exploit gaps between these environments.
EDR (Endpoint Detection and Response) — Security tools that monitor endpoints for malicious activity. Effective at detection but limited in stopping spread once an attacker is inside.
XDR (Extended Detection and Response) — An evolutionof EDR that correlates signals across endpoints, networks, and cloud. Stillprimarily a detection technology, not a containment technology.
Frequently Asked Questions
Question:
What is Mythos in one sentence?
Answer:
Mythos is Anthropic's frontier AI model that can autonomously find and weaponize software vulnerabilities at machine speed.
Question:
Is Mythos publicly available?
Answer:
No. Mythos is restricted to vetted partners under Project Glasswing. Anthropic has stated the general public will not have access.
Question:
Who has access to Mythos?
Answer:
Approximately 50 organizations, including Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, Palo Alto Networks, and roughly 40 critical-infrastructure organizations.
Question:
Was Mythos used in a real-world attack?
Answer:
No publicly confirmed attacks have been attributed to Mythos itself. However, the UK AI Security Institute demonstrated Mythos can compromise simulated corporate networks autonomously.
Question:
How many vulnerabilities did Mythos find?
Answer:
More than 2,000 previously unknown vulnerabilities in seven weeks of testing, including 271 in Mozilla Firefox alone.
Question:
Is Mythos the only AI model with these capabilities?
Answer:
No. Google's Big Sleep, Google's CodeMender, and OpenAI's GPT-5.4-Cyber have comparable capabilities. Researchers at AISLE have shown smaller open-weights models can replicate significant portions of Mythos's analysis.
Question:
Why is Mythos a concern for cybersecurity?
Answer:
It collapses the time required to find and exploit software vulnerabilities from months to minutes, and lowers the expertise barrier for offensive operations dramatically.
Question:
What is the difference between Mythos and traditional vulnerability scanners?
Answer:
Traditional scanners rely on known signatures and predefined patterns. Mythos uses autonomous reasoning to discover novel vulnerabilities that don't match any existing signature.
Question:
How does Mythos affect ransomware?
Answer:
Ransomware depends on lateral movement after initial access. AI tools like Mythos accelerate both the initial access and the lateral spread phases, making ransomware faster and more damaging.
Question:
Can traditional firewalls stop Mythos-class attacks?
Answer:
Not reliably. Perimeter defenses assume attackers stay outside. Once an AI-driven attacker gains internal access, firewalls don't stop lateral movement within the network.
Question:
What is the recommended defense against Mythos-class threats?
Answer:
The industry consensus is a containment-first strategy combining Zero Trust principles, microsegmentation, continuous visibility, and AI-augmented detection and response. See how Illumio implements this →
Question:
How is Mythos different from Project Glasswing?
Answer:
Mythos is the AI model. Project Glasswing is the consortium that controls access to it for defensive purposes.
Question:
Will Mythos make cyber insurance more expensive?
Answer:
Likely yes. Insurance markets are already repricing risk based on AI-accelerated attack scenarios. RSAC 2026 sessions specifically addressed this dynamic.
Question:
Should our board be discussing Mythos?
Answer:
Yes. Industry analysts including Bain & Company recommend treating AI-driven cyber risk as a board-level topic requiring active ownership and reallocated budget.