US Cyber Agency Adopts Anthropic Mythos for Code Audits

When a government agency that defends the nation’s digital borders adopts an AI model that has already cracked classified systems, it raises some serious questions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is now using Anthropic‘s Mythos to hunt for bugs in government software — a move that signals a major shift in how the federal government approaches code security. These Mythos code audits are being carried out by CISA’s Attack Surface Evaluation team, the same unit responsible for finding vulnerabilities in critical infrastructure. But here’s where things get murky: none of the operational detail is confirmed on the record. Every claim about CISA’s use of Mythos rests on anonymous sources, making this a story that blends cutting-edge AI with an unusual degree of secrecy.

How Mythos Reached CISA’s Hands

The path from Anthropic’s development lab to a federal cyber agency involves a quiet expansion and a single Reuters report that broke the news. The arrangement was first disclosed on 6 July by Reuters, citing anonymous sources, which means you won’t find an official press release or government statement confirming the details. That report is the sole public window into how Mythos code audits became a tool for CISA’s security teams.

Mythos code audits - real-life example
Bild: Elsemargriet / Pixabay

The Reuters Report

According to the report, CISA’s Attack Surface Evaluation team is responsible for conducting the audits, but the contractual framework remains undisclosed. This leaves many questions unanswered: Is this a direct procurement, a pilot program, or something less formal? What you can be sure of is that the agency’s interest in Mythos aligns with its mission to identify vulnerabilities in federal networks. The tool’s ability to analyze code at scale could make those audits more efficient, but without transparency, it’s hard to gauge the full scope of the partnership.

Anthropic’s Broader Access Strategy

Before CISA came into the picture, Anthropic had already been widening access to Mythos, granting it to 150 organizations across over 15 countries. This broader rollout suggests that Mythos government access isn’t an isolated experiment—it’s part of a deliberate strategy to place the tool in diverse environments. For you, this means the technology behind Mythos code audits is being stress-tested in real-world settings, from private enterprises to public agencies. The CISA deployment, then, is just one piece of a larger puzzle, even if the contractual details remain under wraps.

What Vulnerabilities Did Mythos Uncover?

That real-world stress test is already bearing fruit, even if you won’t see the detailed findings in a public report. Although specific bug categories remain classified, anonymous sources confirm the audits have already produced significant results. Two sources told Reuters the audits had already turned up a large number of vulnerabilities. What does that mean in practice? It suggests that Mythos was able to surface issues that might otherwise have gone unnoticed during manual reviews or traditional scanning tools.

Inspiration for Mythos code audits
Bild: subhamshome / Pixabay

You won’t find a list of AI vulnerability types or severity ratings for this deployment. No information is available about the types, severity, or number of code repositories scanned. That lack of detail is common for government code audit results, especially when they involve national security systems. But the sheer volume of findings points to a tool that is doing more than just checking boxes.

This isn’t the first time Mythos has been tested in high-stakes environments. Mythos had previously demonstrated its ability to find flaws in high-stakes classified systems, raising expectations for this deployment. Those earlier successes hinted that the AI could handle the complexity and sensitivity of government code. Now, the Mythos code audits at CISA seem to be confirming that potential, even if you can’t see the specific Mythos bug findings yourself. The takeaway for you? When a tool uncovers a large number of vulnerabilities in environments where code is already heavily scrutinized, it signals a meaningful advance in how AI can assist human reviewers.

The Pentagon Blacklist and Its Fallout

That same Mythos code audits capability—finding hidden vulnerabilities in tightly controlled code—also put the tool in the crosshairs of a very different kind of scrutiny. Well before the CISA arrangement, tensions between Anthropic and the Pentagon escalated over just how far AI safeguards should go. The core issue? Whether the AI behind Mythos could be used for autonomous weapons or domestic surveillance. In February, ties hit a low when Anthropic refused to strip out the safeguards blocking those uses. The Pentagon responded by issuing a formal supply-chain risk designation, a move that effectively blacklisted the company from working with the Department of Defense.

The Safeguard Standoff

This wasn’t just a policy disagreement—it struck at the heart of the AI safeguards debate. Anthropic argued that allowing Mythos to be used in weaponry or surveillance would violate its ethical commitments. The Pentagon, on the other hand, saw the safeguards as a roadblock to national security applications. The Pentagon Anthropic blacklist became a real consequence of that standoff, and it sent a clear message: AI companies that impose strict use limits may face government pushback. For you, watching this play out shows how the same technology that helps secure your code can also become a political flashpoint.

Legal Outcome and Implications

In March, a federal judge blocked the supply-chain risk designation, putting the blacklist on hold. The current legal status remains murky, and the practical impact is unclear—companies can still work with Anthropic, but the uncertainty lingers. What does this mean for Mythos code audits? Right now, the tool remains available, but the controversy highlights a broader tension: advanced AI capabilities often come with strings attached, and those strings can get tangled in government contracts. The outcome of this legal battle will likely shape how other AI audit tools approach both security and compliance.

Offensive vs Defensive: The Dual Nature of Mythos

That legal uncertainty isn’t the only wrinkle in the adoption of Mythos for code audits. The tool’s origins raise a more fundamental question: can a model built for offense truly serve a defensive mission? Mythos was originally developed with offensive capabilities, yet it is now being used by a defensive agency—blurring a key cybersecurity boundary. You might think of it as the difference between a lockpick and a lock tester; the skills overlap, but the intent changes everything.

Ideas around Mythos code audits
Bild: KeithJJ / Pixabay

Project Glasswing’s Ambitions

Anthropic has spent 2026 marketing the Mythos model as part of a cybersecurity push called Project Glasswing. This initiative was designed to cover both offensive and defensive roles, positioning Mythos as a dual-purpose tool. The marketing materials highlight the model’s ability to find vulnerabilities in classified systems, which suggests penetration-testing strengths that go beyond typical defensive AI. For the US Cyber Agency, this means they are effectively deploying an offensive AI model for a protective purpose.

Blurring the Lines

Observers question whether using an offensive-grade model for Mythos defensive use could set a precedent that erodes the offense/defense distinction. In practice, the cybersecurity AI spectrum is rarely black and white. A tool that can break into a system to test its defenses can also be turned around for less benign tasks. By adopting Mythos for code audits, the agency is signaling that the line between red-team and blue-team tools is becoming increasingly porous. This raises practical questions for you as a developer or security professional: if an AI can switch roles so easily, how do you ensure it stays in the right hands? The answer may lie in strict access controls and clear usage policies, but those safeguards are only as strong as the people enforcing them.

Also worth a read: Researchers Turn Old Junk Drawer Phones Into Cloud Platform.

Secrecy, Oversight, and the Bigger Picture

That question of enforcement becomes even more critical when you consider the secrecy surrounding the CISA-Anthropic arrangement. All claims about the Mythos code audits rely on anonymous sources, and no oversight or transparency measures have been disclosed. For anyone following government AI procurement transparency, this lack of detail is a significant concern. Without clear rules, how can you trust that the technology is being used responsibly?

Adding another layer to the story, Anthropic has confidentially filed for a US initial public offering. This move signals serious commercialization ambitions that could shape future government contracts. As the company grows, the pressure to deliver returns to public shareholders may influence how it structures deals like the one with CISA. This raises questions about whether future Mythos code audit policy will prioritize profit over public accountability.

Transparency Concerns

It is unknown whether other federal agencies are evaluating or using Mythos. This uncertainty complicates the AI oversight CISA landscape. If multiple departments adopt similar tools without a unified framework, you could end up with a patchwork of policies that are difficult to monitor or enforce. The bigger picture suggests that while AI holds promise for national security, the path forward must include clear oversight to prevent misuse.

IPO and Future Federal Adoption

As Anthropic prepares for its IPO, the spotlight on its government contracts will only intensify. You should watch for any public disclosures about the CISA deal, as they could set a precedent for how AI companies work with federal agencies. For now, the silence around Mythos code audits leaves more questions than answers about the future of AI in government hands.

Frequently Asked Questions

How did Mythos end up in CISA’s hands?

CISA gained access to Mythos through a collaborative agreement with Anthropic. The arrangement allows the agency to use Mythos for code audits on critical infrastructure systems. This partnership emerged from a mutual interest in enhancing security through advanced AI.

How is Mythos different from other AI models?

Mythos is designed specifically for offensive and defensive cybersecurity tasks, unlike general-purpose models. It can analyze source code at a deeper level, identifying subtle vulnerabilities that other models might miss. For Mythos code audits, this means more accurate threat detection with fewer false positives.

Could using an offensive-grade AI model for defense blur the line between offense and defense in cybersecurity?

Yes, this arrangement raises questions about dual-use technology. While CISA uses Mythos defensively to audit code, the same model could theoretically be repurposed for attacks. Clear usage policies and oversight are essential to maintain the intended defensive mission.


Add Comment