Project Glasswing Has Big Tech United on Security. One Name Is Missing.

Anthropic announced Project Glasswing yesterday. The short version: they built a model called Claude Mythos Preview that finds software vulnerabilities better than most humans, used it to discover thousands of zero-days in every major operating system and browser, and then decided it was too dangerous to release publicly. That last part is the headline everyone's running with, and it makes for good drama. But if you work in security, compliance, or software development, the dramatic framing misses the point. The real story isn't that Anthropic built something dangerous. The real story is what this capability means for everyone else now that it exists.
The capability gap between attackers and defenders has just closed. Not "is closing" or "will close eventually." Closed. For years, finding vulnerabilities at scale required either massive security teams with deep expertise or hoping that someone responsible discovered the flaw before someone malicious did. That asymmetry defined the entire industry. Attackers only need to find one hole. Defenders need to find all of them. The economics have always favored offense, which is why breaches kept happening despite billions spent on security tools and consultants. AI models have now reached a level where they can do what only elite security researchers could do before, and unlike elite researchers, they don't get tired, they don't have limited bandwidth, and they scale horizontally. When a model can scan every codebase simultaneously and flag every weakness, the math changes.
Anthropic and its partners are saying the window between vulnerability discovery and exploitation has collapsed from months to minutes. The claim sounds like marketing hyperbole, but it isn't. If a model can find a vulnerability, it can also explain how to exploit it, because understanding the flaw and understanding the exploit are the same cognitive task. The capability that makes Mythos useful for defense is identical to the capability that makes it dangerous in the wrong hands. That dual-use reality is why Anthropic isn't releasing it to the public and why they're committing $100 million in usage credits to defenders and donating $4 million to open-source security organizations, rather than selling access to the highest bidder. They're trying to give the good guys a head start before the inevitable proliferation.
The Coalition and Its Conspicuous Absence
The launch partners read like a who's who of critical infrastructure: AWS, Apple, Microsoft, Google, NVIDIA, Cisco, Broadcom, JPMorganChase, CrowdStrike, Palo Alto Networks, and the Linux Foundation. Another 40+ unnamed organizations that maintain critical software are also getting access. It's a serious list, and the message is clear: the adults in the room are coordinating before things get out of hand.
But the coalition is defined as much by who's absent as who's present.
Cloudflare isn't on the list. This is the company that handles over 20% of global internet traffic. The company that blocks 230 billion cyber threats daily. The company whose infrastructure sits between attackers and targets for millions of websites worldwide. As a Cloudflare agency partner, we build on their stack daily, and we've watched them become the gold standard for edge security precisely because they see threats at a scale nobody else does. If we're talking about "the world's most critical software infrastructure," Cloudflare isn't a nice-to-have. They ARE critical infrastructure.
The absence is especially odd, given that Cloudflare and Anthropic are already partners. Last year, Cloudflare announced that it was working with Anthropic on the Model Context Protocol, with CEO Matthew Prince calling Cloudflare "the backbone" powering AI experiences. The relationship exists. The lines of communication are open. On the same day Anthropic announced Project Glasswing, Cloudflare announced a partnership with GoDaddy to integrate AI Crawl Control across GoDaddy's hosting platform, giving millions of website owners tools to manage AI bot access.
So why isn't Cloudflare a launch partner on Project Glasswing while their direct competitors, CrowdStrike and Palo Alto Networks, are? They may be among the unnamed 40+ organizations. They may have their own reasons for not participating publicly. There's been no statement from either side, and we're not going to speculate on internal business decisions we're not privy to. But the absence is notable and worth watching. When the company that secures a fifth of the internet isn't named in a coalition to "secure the world's most critical software," that's a data point.
The Open Source Angle
The most underreported part of this announcement is who else is getting access: open source maintainers. These are the people maintaining the code that runs everything. Linux. Apache. The libraries inside every enterprise system you've ever used. Open source software constitutes the vast majority of code in modern infrastructure, including the systems that AI agents themselves use to write new software. These maintainers have historically had zero budget for security beyond whatever they could do themselves on nights and weekends, because open source doesn't come with a revenue model that pays for security teams. Now they're getting access to the same vulnerability-scanning capabilities as Microsoft, Google, and Amazon. That's not charity. That's infrastructure investment. When foundational open-source projects break, everything built on top of them breaks too, including most of the commercial software the economy runs on.
What This Means for Businesses
Here's where this connects to actual business operations, and why we've been watching this space closely.
For compliance and forensic work, the audit landscape is about to change. When AI can scan codebases for vulnerabilities at scale, the standard of care shifts. "We ran the standard tools" won't cut it anymore when demonstrably better tools exist and are being used by major enterprises. We already see this in the forensic investigations we handle: the question used to be "did you have reasonable security in place?" It's becoming "did you use the best available tools?" Expect regulatory frameworks and audit expectations to catch up within 18-24 months.
For web and application development, security-by-design stops being a best practice and becomes table stakes. If AI can find the holes faster than humans can patch them, you need AI-assisted development processes to prevent those holes from being introduced in the first place. This is why we've been building our development workflows around Cloudflare's security-first infrastructure and integrating AI tooling into our code review processes. The firms still treating security as a post-launch audit phase rather than an integrated development discipline are going to have a rough year.
Anthropic built something dangerous and sat on it. In 25 years, I've seen a handful of companies do that. The usual playbook is ship it, deal with the fallout, and figure out who to blame. We've turned down AI projects because the client wanted speed over safety, and those conversations are awkward. Anthropic apparently had that conversation with themselves and decided not to put this thing in the wild. I respect it. We'll see if it holds.
The Uncomfortable Question
Anthropic made the call to restrict access. What happens when another lab, or another country, builds something similar and doesn't? Project Glasswing is defensive by design, built on the assumption that these capabilities will proliferate regardless of what any single company decides. The coalition includes Apple, Microsoft, Google, Amazon, and most of the major cybersecurity vendors because they all understand the same thing. The only question is whether defenders get enough of a head start to matter.
The cybersecurity industry has already caught a glimpse of future developments, and these changes are not five years away. Some companies will take action now, while others will hold off until the next breach occurs to justify their budgets, as they have always done. By that time, the landscape will have evolved past what they are prepared for.
