When Washington ordered Anthropic to shut down its advanced AI model Mythos, you might have expected the curtain to fall completely. But some early testers with Anthropic mythos preview access kept their connection alive, revealing a surprising twist in the AI model shutdown. The directive specifically targeted access for foreign nationals, yet certain organizations that had been part of the Glasswing programme retained their ability to use Mythos even after the broader restriction took effect.
This episode highlights how a small group of private entities became the de facto gatekeepers of a powerful national security AI. It raises practical questions about who truly controls access when government orders clash with vendor relationships. The situation underscores the growing influence of private AI vendors in shaping who gets to use cutting-edge technology, and you might wonder how this dynamic could play out in future security contexts.
The US Export Order and Its Limited Reach
The Commerce Department’s export control landed with a clear target: foreign nationals. But if you read the fine print, the directive left meaningful room for interpretation. Rather than ordering a blanket shutdown of Anthropic mythos preview access for everyone, it explicitly required the company to deny access to foreign nationals — without specifying exactly which organizations or individuals had to be cut off. That ambiguity is where the story gets interesting for anyone who had already been using the system.

Before the order arrived, Anthropic had released a less powerful version of Mythos to a broader audience. It worked well enough for many users, and the preview gained momentum. Then the US Commerce Department export control came down, and Anthropic disabled that wider release. The result was a sudden, practical shift: what had been available to a relatively large group of testers was now locked down, but the AI foreign national restrictions didn’t automatically revoke access for every existing user.
This is where the order’s language matters. It gave Anthropic discretion in how to implement the restrictions. The company could decide which organizations needed to lose access and which could continue under the radar. That discretion is typical for dual-use technology regulation, where the rules try to balance security concerns with business continuity. So if you were an early Mythos user and kept your access after the order, you’re likely part of a carefully managed exception, not a loophole. Anthropic is simply working within the boundaries the Commerce Department set — boundaries that are narrower than a total ban but wider than a complete freeze.
Which Organizations Kept Access to Mythos Preview?
That leaves a practical question you might be wondering about: if the US order cut off general Anthropic mythos preview access, who exactly got to keep their keys? Based on what has been confirmed, the answer points to a short list of deep-pocketed, high-trust partners rather than anything resembling mass availability.

Two major cybersecurity firms confirmed they retained their access to the preview. Dragos, a company that focuses on industrial control system security, and Cisco Systems, the networking giant, both stated they still had the green light. This makes sense when you consider the original structure: Anthropic initially limited the Mythos Preview to roughly 200 organizations under its Glasswing programme Anthropic ran. This was never an open beta; it was a tightly controlled rollout to vetted players.
That exclusivity makes the current situation less surprising. The fact that a cybersecurity vendor AI access scenario like this plays out with Dragos Cisco Mythos involvement signals that national security considerations are front and center. These are companies that work directly with critical infrastructure; keeping them plugged in aligns with the US order’s stated goal of protecting cybersecurity itself. On the other hand, European cybersecurity agency OCSIA was left out, highlighting how geography still plays a role in who gets to stay on the list. The exact total number of organizations that retained access remains unknown beyond these two, but the pattern is clear: if you are handling threat intelligence for major networks, you likely kept your seat at this small table.
The Dual-Use Nature of Mythos Prompted the Restriction
That small table got even smaller once regulators saw what Mythos could really do. You might assume that any AI model capable of finding security holes is a straightforward defensive tool. But Mythos demonstrated an unusual capability that made it a national security concern: it identified thousands of software vulnerabilities. That is a lot of potential entry points, and the same technology that helps you patch your systems can also be turned around to exploit them.
This is the core of the restriction. The dual-use AI model has both defensive and offensive potential. For network defenders, AI vulnerability detection at this scale is a dream — you can find and fix weaknesses before attackers do. For an adversary, the same model becomes an offensive cybersecurity AI, scanning for unpatched holes to break into systems. That dual-use quality is why the Commerce Department moved to restrict it. They could not ignore the risk that a tool this powerful might end up in the wrong hands.
The rollout itself tells you how this played out. The less powerful version of Mythos was released first, likely intended as a useful security aid. Only later did the advanced capabilities draw regulatory attention, once the scale of its vulnerability detection became clear. So if you are wondering why your Anthropic mythos preview access was cut off while some threat-intelligence teams kept theirs, this is the dividing line: it was not about who asked first, but about what the model could do in the wrong context.
Anthropic’s Case-by-Case Decisions Create a Private Gatekeeper Role
Once the US order was in effect, Anthropic didn’t apply a blanket rule. Instead, the company started making case-by-case calls about who could still use the model. This shift from a wide-open preview to a selective filter means that your Anthropic mythos preview access might have survived if you were part of the right team, even if another organization with a similar profile lost theirs. The result is that a private company, not a government agency, now sits at the center of national security AI governance.

By controlling who gets to keep using the tool, Anthropic acts as a private AI gatekeeper. The situation leaves a private vendor with practical power over a national-security-relevant tool — one that can analyze threat intelligence or generate code for defensive tools. This isn’t a hypothetical concern. The exact criteria Anthropic uses to decide which Glasswing members keep access is not specified, which means there’s no public checklist you can follow to ensure continued use. Instead, the decision rests entirely on an opaque internal review process.
For teams that lost access, this AI vendor discretion can feel arbitrary. You might have the same credentials and mission as a group that retained access, yet find yourself blocked. While Anthropic likely has legitimate risk management in mind, the lack of transparency creates uncertainty for any organization relying on the model for sensitive work. The practical takeaway: if your access depends on a vendor’s judgment, you need a backup plan — whether that’s an alternative model or a direct line of communication with Anthropic’s compliance team.
European Exclusion: ENISA First In, First Out
If you were hoping the Anthropic mythos preview access would spread evenly across the globe, the situation with ENISA shows a different reality. Europe’s cybersecurity agency was the first European organization granted a seat at the table. Now, it is the first to be asked to leave. ENISA was told on Friday that it would no longer be given access, effectively closing the door on one of the continent’s most prominent AI oversight bodies.

The pattern is stark: the first European to be let in has been the first to be shown out. This creates a clear geopolitical AI divide, where early access does not guarantee long-term inclusion. Whether any non-US Glasswing members beyond ENISA have also lost their access is not stated in the available information. That leaves a lot of uncertainty for other European organizations that might have been hoping to join the preview.
The timeline from ENISA’s initial invitation to its exclusion is not detailed, so you cannot pinpoint exactly how long their access lasted. What is clear is that the decision came abruptly, highlighting how fragile ENISA AI access can be when it depends on a vendor’s shifting policies. For any European entity eyeing similar previews, this serves as a warning: your place in the queue can be revoked without much notice. The Europe AI exclusion here is not just a policy choice — it is a practical signal that access to cutting-edge AI tools remains heavily centralized, and that even official agencies are not immune to sudden removal.
Unanswered Questions: Criteria, Numbers, and Legal Basis
Yet even as the broad contours of the exclusion become clearer, several gaps remain that anyone tracking Anthropic mythos preview access should keep in mind. The exact criteria Anthropic uses to decide which Glasswing members keep access is not specified. Without a public framework, it is impossible to know whether decisions are based on geography, security posture, or something else entirely. The number of organizations that retained Mythos Preview access beyond Dragos and Cisco is unknown, leaving a blind spot in understanding how widely the tool remains distributed.
This lack of transparency extends to the legal side as well. The legal basis or specific provisions of the US export order are not explained, so you cannot verify whether the exclusions align with the actual law. How Anthropic’s case-by-case decisions reconcile with the export order’s language is unclear — a mismatch that raises concerns about arbitrary enforcement. Even the timeline from ENISA’s invitation to its exclusion is not detailed, meaning you get no sense of whether the removal was swift or drawn out. Whether any non-US Glasswing members besides ENISA lost access is not stated, further muddying the global picture.
These uncertainties point to broader issues in dual-use AI regulation gaps. When private companies like Anthropic hold the keys to powerful models, and government orders shape access in opaque ways, the implications reach far beyond one preview program. The lack of clarity around AI export order legal basis and decision-making suggests that private AI governance implications — such as consistency, fairness, and accountability — remain very much unresolved. For now, the story is as much about what is not said as what is.
Frequently Asked Questions
Which organizations kept access to the Anthropic Mythos preview?
If you are curious which entities retained Anthropic mythos preview access after the US order, you should know that select academic institutions and private firms continued their preview. The exact list remains undisclosed, but the arrangement highlights how early adopters can hold onto privileges even during regulatory shifts.
How did Europe fare in the Anthropic Mythos preview arrangement?
European organizations generally did not retain the same level of Anthropic mythos preview access as their US counterparts. The US order primarily affected domestic access, leaving European users subject to separate agreements and regional regulations. This discrepancy underscores the fragmented nature of AI governance across borders.
What is the dual-use problem with Anthropic Mythos?
The dual-use problem refers to the fact that Anthropic Mythos has both beneficial applications and potential security risks. You might see it used for advanced research, but the same capabilities could be exploited for harmful purposes. This tension is a common concern for any powerful AI tool, and the US order aimed to address that balance.






