Anthropic Launches Claude Security to Combat the AI-Driven Exploit Surge

Anthropic Launches Claude Security to Combat the AI-Driven Exploit Surge

Anthropic has launched Claude Security, a formal program that deploys its frontier AI models — led by Claude Mythos Preview — to help organizations identify and remediate vulnerabilities before attackers weaponize them. The launch comes as Anthropic’s own telemetry and third-party exploit-timing data confirm that the average time-to-exploit has dropped below 20 hours, a pace that traditional patch management cycles are not built to match.

// 01 Claude Security: What We Know So Far

Claude Security formalizes a set of AI-assisted defensive capabilities built on Project Glasswing, Anthropic’s initiative to scan critical open-source software for security flaws before threat actors reach them. Using Claude Opus 4.6 ahead of the formal launch, Anthropic and partner organizations identified more than 500 high-severity vulnerabilities in open-source packages. The AI Safety Institute separately found 12 zero-day flaws in OpenSSL through similar AI-assisted analysis, including a CVSS 9.8 vulnerability that had existed since 1998. Full details of the AISI evaluation are published at aisi.gov.uk.

The underlying model, Claude Mythos Preview, has demonstrated autonomous offensive capability directly relevant to the defensive use case. In a controlled setting, Mythos Preview independently identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD affecting systems running NFS, completing the full exploit chain without human guidance. Anthropic’s description of this capability is explicit: “We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy. The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them.”

Claude Security is built on exactly that dual-use reality. The program positions Anthropic’s model on the defender side: finding what attackers will find, faster, and producing remediation guidance before exploitation begins.

The founding coalition for Project Glasswing includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. These organizations will direct Claude Security at critical software across their infrastructure and coordinate responsible disclosure of findings. No pricing structure, integration API, or general availability timeline has been published at time of writing. Monitor anthropic.com/news/claude-code-security for updates.

// 02 Why Claude Security Matters

The core operational problem is speed asymmetry. Sergej Epp’s Zero Day Clock currently tracks average time-to-exploit at under 20 hours from public disclosure. Mandiant’s M-Trends 2026 report is more alarming: the mean time-to-exploit has reached negative seven days, meaning exploitation is routinely beginning before vendors publish patches. For defenders, the implication is that the patch-first workflow — wait for disclosure, assess severity, schedule deployment — fails as a default strategy for a meaningful fraction of high-impact CVEs.

Claude Security’s structural answer is to shift the vulnerability discovery window earlier. If AI-assisted scanning finds a flaw before it is publicly known, the defender has a genuine head start. For open-source software specifically — where there is no commercial security team and maintainer bandwidth is the binding constraint — AI-assisted triage and remediation at scale addresses a real gap.

The Glasswing coalition also reflects a broader strategic argument: that shared AI-powered vulnerability research across the most widely deployed infrastructure software is the appropriate response to an adversary community that is already operating AI-assisted exploit research continuously. Individual organizations cannot replicate this at scale; the coalition model is intended to.

// 03 Claude Security: What You Should Do Now

1. Inventory your open-source dependencies against Glasswing advisory outputs. As Glasswing findings are disclosed, cross-reference against your software bill of materials (SBOM). Advisories from a coalition including AWS, Google, and Microsoft will be high-signal and will move fast.

2. Reduce your patch SLA for critical CVEs to match exploit-timing data. If your organization’s patch cycle for critical-severity vulnerabilities exceeds five days, identify which internet-exposed assets represent the highest exposure and prioritize an expedited cadence for those specifically.

3. Generate and maintain a current SBOM for all production environments. Without a current SBOM, Glasswing advisories covering your dependencies will not be reliably actionable. Tools including Syft, Trivy, and Grype automate SBOM generation from container images and package manifests.

4. Monitor anthropic.com/glasswing for newly disclosed vulnerabilities. Subscribe to notifications or establish a feed integration in your vulnerability management platform.

5. Evaluate AI-assisted code scanning in your SAST/DAST pipeline. Claude Security formalizes what several vendors are already piloting: frontier-model code analysis at a fidelity that substantially exceeds legacy static analysis. If your tooling roadmap does not include an evaluation of this category, the Glasswing launch is a reasonable forcing function.

// 04 Detection and Verification Checklist

• SBOM completeness: Confirm your SBOM covers direct and transitive open-source dependencies for production and staging environments. Glasswing’s scope is open-source software; gaps create blind spots for high-priority disclosures.
• FreeBSD NFS exposure: If your environment includes FreeBSD systems with NFS enabled, verify patch status against the Glasswing FreeBSD RCE advisory. Run uname -r to confirm kernel version and check against disclosed patch requirements.
• Advisory feed integration: Ensure your vulnerability management platform can ingest advisories from Anthropic’s disclosure channels. Many VMP platforms support custom RSS or webhook feeds; configure one against the Glasswing disclosure page once that channel is established.
• Patch SLA measurement: Pull your last 90 days of patch deployment data for critical CVEs and calculate mean time to patch (MTTP). Benchmark against the current 20-hour average time-to-exploit from the Zero Day Clock.

Sources: SecurityWeek, Anthropic, Project Glasswing, AISI Evaluation