Tom Hundley
When Anthropic launched Project Glasswing on April 7, 2026 — a coalition initiative it frames as "securing critical software for the AI era" — it did not do so alone. It arrived with eleven other names already on the marquee, a roster that reads less like a typical product launch and more like a who's-who of the people who actually run the internet's infrastructure: the largest cloud providers, the biggest names in cybersecurity, a money-center bank, the steward of open source, a chipmaker, and a consumer-hardware giant.
That guest list is the story. A frontier AI model that can find decades-old vulnerabilities in critical software — and, in some cases, exploit them end to end — is a dual-use capability, and who Anthropic chose to bring inside the tent says as much about how it intends to manage that capability as any benchmark does. Eight of the twelve partners went on the record with named-executive testimonials. Four did not. Both facts are informative.
At Elegant Software Solutions we cover this as analysts, not participants. What follows is a read of the coalition from the public launch page: who is at the table, what each says it is contributing, and — where the page is silent — what it does not claim. Every quoted line below is reproduced verbatim from Anthropic's Glasswing page.
The twelve launch partners are: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic also says "over 40 additional" organizations joined at launch, bringing the initial cohort to roughly fifty; a June 2 expansion later added roughly 150 new organizations across more than fifteen countries, bringing total participation to around 200. That expansion — and the named participants reported around it — is a separate story. This article stays on the twelve.
A useful way to read the coalition is by the role each partner plays. Five buckets cover all twelve cleanly.
Three of the partners are the cloud platforms that host Claude Mythos Preview. Anthropic says participants "can access the model on the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry" — which means AWS, Google, and Microsoft are not just members but the distribution rails for the entire program. All three are also on the record.
AWS is doing the most operationally specific work of any partner. Its testimonial, attributed to Amy Herzog, Vice President and CISO, Amazon Web Services, describes both using Mythos internally and helping improve the model itself:
"We've been testing Claude Mythos Preview in our own security operations, applying it to critical codebases, where it's already helping us strengthen our code. We're bringing deep security expertise to our partnership with Anthropic and are helping to harden Claude Mythos Preview so even more organizations can advance their most ambitious work with security that sets the standard."
The phrase that matters there is "helping to harden Claude Mythos Preview." AWS is not only a consumer of the model; it is contributing security expertise back into how the model is secured — a two-way relationship that goes beyond hosting.
Google's contribution is explicit about the serving layer. Heather Adkins, VP of Security Engineering, Google, frames the company's role as both a host and a long-standing builder of defensive AI:
"Google is pleased to see this cross-industry cybersecurity initiative coming together and to make Mythos Preview available to participants via Vertex AI."
Adkins goes on to situate Glasswing inside Google's existing work: "We have long believed that AI poses new challenges and opens new opportunities in cyber defense, which is why we've built AI-powered tools—such as Big Sleep and CodeMender—to find and fix critical software flaws." That nod to Big Sleep and CodeMender is a quiet reminder that Google is a peer in this space, not just a venue for someone else's model.
Microsoft's note is the most measurable. Igor Tsyganskiy, EVP of Cybersecurity and Microsoft Research, Microsoft, reports a concrete benchmark result against Microsoft's own evaluation:
"When tested against CTI-REALM, our open-source security benchmark, Claude Mythos Preview showed substantial improvements compared to previous models."
That is a partner independently corroborating Anthropic's capability claims against an external yardstick — exactly the kind of third-party signal a coalition like this exists to produce. Tsyganskiy frames the broader moment plainly: "As we enter a phase where cybersecurity is no longer bound by purely human capacity, the opportunity to use AI responsibly to improve security and reduce risk at scale is unprecedented."
If the hyperscalers supply the infrastructure, the three security-industry partners supply the alarm. Cisco, CrowdStrike, and Palo Alto Networks each frame Glasswing as a response to a shift that has already happened — and each is on the record.
Anthony Grieco, SVP & Chief Security & Trust Officer, Cisco, opens with the bluntest line in the coalition about why the calendar has changed:
"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."
Grieco's testimonial argues that "the old ways of hardening systems are no longer sufficient" and that providers "must aggressively adopt new approaches now." His closing line is the membership rationale in a sentence: "That is why Cisco joined Project Glasswing—this work is too important and too urgent to do alone."
Elia Zaitsev, Chief Technology Officer, CrowdStrike, supplies the coalition's defining image — the closing window between discovery and exploitation:
"The window between a vulnerability being discovered and being exploited by an adversary has collapsed—what once took months now happens in minutes with AI."
That sentence is the threat model behind the whole initiative. If exploitation has compressed from months to minutes, defenders need to find and fix flaws on the same timescale — which is precisely the capability Anthropic is putting in partners' hands, and precisely the bottleneck (human-speed remediation) that critics have warned about.
Lee Klarich, Chief Product & Technology Officer, Palo Alto Networks, offers the most pointed warning of the eight, and it cuts both ways:
"This is not only a game changer for finding previously hidden vulnerabilities, but it also signals a dangerous shift where attackers can soon find even more zero-day vulnerabilities and develop exploits faster than ever before."
Klarich's testimonial is notable for crediting the model on its merits — he says Palo Alto used Mythos "to identify complex vulnerabilities that prior-generation models missed entirely" — while still naming the downside out loud. His prescription is "now is the time to modernize cybersecurity stacks everywhere," and his framing that these models "need to be in the hands of open source owners and defenders everywhere" is a direct handoff to the open-source thread below.
JPMorganChase is the lone financial-sector launch partner, and its posture is conspicuously cautious — which is the point. Pat Opet, Chief Information Security Officer, JPMorganChase, frames participation as evaluation, not endorsement:
"Project Glasswing provides a unique, early stage opportunity to evaluate next-generation AI tools for defensive cybersecurity across critical infrastructure."
Opet is careful to add that the bank "will take a rigorous, independent approach to determining how to proceed and where we can help." For a coalition vulnerable to the charge of being a vendor cheering section, a money-center bank publicly reserving judgment — joining to test, not to bless — is a credibility asset. It signals that membership is about kicking the tires on a defensive tool for critical infrastructure, not co-signing a product.
The Linux Foundation is the partner that gives Glasswing its most human argument. Jim Zemlin, CEO, The Linux Foundation, makes the case that the people who maintain the world's most-depended-on code are the ones least equipped to secure it:
"In the past, security expertise has been a luxury reserved for organizations with large security teams. Open source maintainers—whose software underpins much of the world's critical infrastructure—have historically been left to figure out security on their own."
Zemlin's argument is that open source "constitutes the vast majority of code in modern systems, including the very systems AI agents use to write new software," and that giving maintainers access to models that "can proactively identify and fix vulnerabilities at scale" offers "a credible path to changing that equation." His closing aspiration: "This is how AI-augmented security can become a trusted sidekick for every maintainer, not just those who can afford expensive security teams."
This is also where the money lands. Anthropic is "committing up to $100M in usage credits for Mythos Preview across these efforts, as well as $4M in direct donations to open-source security organizations" — $2.5M to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5M to the Apache Software Foundation. The Linux Foundation is therefore both a voice and a conduit: it carries the maintainer argument and channels the largest share of the donations.
Four of the twelve names appear on the roster with no testimonial quote — and three of those four have no stated Glasswing-specific role on the launch page at all. Being precise about this matters more than papering over it.
Anthropic is the initiator and the maker of Claude Mythos Preview; its presence on the partner list is the program itself. The other three are infrastructure and hardware names whose involvement the page does not elaborate:
For these three, the honest description is what they are, not a role the source does not claim. The absence of a quote is not a knock; not every founding member issues a testimonial. But for a roster piece, the discipline is to report the silence accurately rather than fill it.
Read together, the twelve break into a coherent design. The hyperscalers (AWS, Google, Microsoft) make the model reachable and, in AWS's case, help harden it. The security vendors (Cisco, CrowdStrike, Palo Alto) supply the urgency narrative and independent validation that the capability is real. The bank (JPMorganChase) lends the cautious credibility of a regulated defender. The foundation (Linux Foundation) carries the open-source stakes and the donations. And the quieter infrastructure and hardware names round out a coalition that spans the full stack from silicon to cloud to application.
The through-line in the eight on-record quotes is not hype about what the model can do — it is urgency about timing and a defense-first framing. Grieco's "no going back," Zaitsev's collapsed window, Klarich's "dangerous shift," Opet's "rigorous, independent approach," Zemlin's maintainer lifeline: each is, in its own register, an argument that the capability has already arrived and that the responsible move is to get it into defenders' hands first. Whether that bet holds is a question for later articles in this series. The coalition that placed it is on the record now.
Who are the 12 Project Glasswing launch partners?
Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic also said "over 40 additional" organizations joined at launch, for an initial cohort of roughly fifty.
Which partners are on the record, and which are not?
Eight provided named-executive testimonials: Cisco (Anthony Grieco), AWS (Amy Herzog), Microsoft (Igor Tsyganskiy), CrowdStrike (Elia Zaitsev), the Linux Foundation (Jim Zemlin), JPMorganChase (Pat Opet), Google (Heather Adkins), and Palo Alto Networks (Lee Klarich). Anthropic, Apple, Broadcom, and NVIDIA did not provide quotes.
What is Apple's role in Project Glasswing?
Per Anthropic's launch page, Apple is named as one of the twelve launch partners and nothing more — the page states no specific role, contribution, or quote for Apple. Claims that Apple is a deep or active collaborator go beyond the public source.
Where can participants actually run Claude Mythos Preview?
On the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry. That is why AWS, Google, and Microsoft are both members and the program's hosting platforms; Google's Heather Adkins specifically cited making "Mythos Preview available to participants via Vertex AI."
What is Anthropic contributing financially?
Anthropic is committing up to $100M in usage credits for Mythos Preview across these efforts, plus $4M in direct donations to open-source security organizations — $2.5M to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5M to the Apache Software Foundation.
What do the partner quotes actually emphasize?
Less the model's raw power than the urgency and a defense-first posture: Cisco's "there is no going back," CrowdStrike's "window… has collapsed," Palo Alto's "dangerous shift," JPMorganChase's "rigorous, independent approach," and the Linux Foundation's argument that AI-augmented security should become "a trusted sidekick for every maintainer, not just those who can afford expensive security teams."
Discover more content:
