AI Just Got a Major Upgrade in Cybersecurity — And Our Clients Are Already Protected

Apr 21

On Monday, April 7 Anthropic announced Claude Mythos Preview, and it's a landmark moment for both artificial intelligence and cybersecurity. As an Element team, we want to make sure you understand what this means — and why our strategic partnership with CrowdStrike puts our clients in a strong position.

What Is Claude Mythos?

Claude Mythos is a new large language model from Anthropic — the company behind Claude, one of the most widely used AI assistants in the world. What makes Mythos different is its extraordinary ability to find and analyze software vulnerabilities, including zero-day exploits that have gone undetected for years, even decades. The model is so powerful that Anthropic has made the unprecedented decision not to release it to the general public.

To put the leap in perspective: previous AI models could generate working exploit code roughly 10–15% of the time, and those exploits rarely succeeded in practice. Mythos achieved a successful exploit rate of nearly 75% in testing against Firefox's JavaScript engine — developing 181 working exploits where previous models managed only two. Across broader testing, the model identified thousands of high- and critical-severity vulnerabilities in major operating systems, browsers, and open-source software.

Why This Actually Is Good News

While those numbers sound alarming, the most important part of this announcement is what Anthropic is doing with this capability. Rather than releasing Mythos into the wild, they've launched Project Glasswing — a coordinated defensive initiative backed by $100 million in usage credits and $4 million in donations to open-source security organizations.

Project Glasswing brings together an all-star coalition of technology and security leaders as founding partners: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Together, these organizations are using Mythos to proactively scan software systems, identify vulnerabilities, and patch them — before bad actors can find and exploit them.

Think of it this way: the same capability that makes Mythos concerning in the wrong hands makes it incredibly powerful as a defensive tool. For the first time, defenders can systematically discover and fix vulnerabilities faster than attackers can find them.

What the CrowdStrike Partnership Means for Element's Clients

CrowdStrike is a founding member of Project Glasswing, and this is a direct win for every Element client running CrowdStrike's Falcon platform. Here's why:

CrowdStrike is working alongside Anthropic to integrate Mythos-driven threat intelligence into its defensive capabilities. That means the same AI that's finding thousands of zero-day vulnerabilities is feeding those discoveries into the tools that already protect our clients' endpoints, cloud workloads, and identities every day. As vulnerabilities are discovered through Mythos, CrowdStrike can develop protections and push them to its entire customer base — often before exploits are publicly known.

This partnership positions CrowdStrike not just as a reactive security vendor, but as a proactive partner in the most advanced AI-driven security initiative in history. JPMorgan's analysts have already noted that CrowdStrike's role as a founding partner makes them a key player in this new era of AI-powered defense.

What Should Clients Know?

When clients ask about Claude Mythos — and they will — here are the key takeaways:

1) The model is not publicly available. Anthropic is restricting access to vetted security partners and critical infrastructure organizations. This is a responsible approach to an extraordinarily powerful technology.

2) CrowdStrike is already at the table. As a founding member of Project Glasswing, CrowdStrike has early access to Mythos-driven intelligence, which flows directly into the protections our clients benefit from.

3) This is a shift toward proactive defense. Instead of waiting for attacks and responding, Mythos enables the security industry to find and fix vulnerabilities before they're exploited. That's a fundamental change in how cybersecurity works.

4) Element is monitoring this closely. We're staying on top of developments and will continue to advise our clients as this technology evolves.

The Bottom Line

Claude Mythos represents a new chapter in AI and cybersecurity. Yes, the capabilities are powerful enough to warrant careful handling — and Anthropic's decision to restrict access reflects that reality. But the bigger story is that this power is being channeled into defense, and our clients are protected by one of the founding partners leading that effort.

This is exactly the kind of moment where having the right security partners matters. And through Element's relationship with CrowdStrike, our clients are already positioned to benefit.

Craig Sixta, Chief Technology Officer, Element

Want to learn more? Here are some resources: