On demand
Watch Claude Security: Putting Claude to Work for Defenders
Model capabilities have outpaced cyberdefense
Exploit capability has moved faster in the past year than most defenders have planned for. In the not-too-distant future, models from labs or open-source projects could on par with Mythos Preview. Three recent benchmarks show what changed.
Model capability is doubling every 0.7 months
AI capability is doubling every seven months, and the pace is picking up. A year ago, the best models could handle software tasks that took humans about an hour. Mythos Preview can now handle tasks that take humans most of a workday. Soon, other models could be just as good. Defensive timelines built on last year's assumptions are already behind.
Why measure capability by duration?
A model that supports long tasks can be a teammate with good or bad intentions. This chart demonstrates that AI can take on work that quadruples annually.
The first model that gets past modern security walls
A year ago, the most capable models could spot security flaws, but couldn't easily turn them into working attacks. Today, they can. Modern browsers and operating systems are built with safety walls called sandboxes that contain flaws even when attackers find them. Mythos Preview is the first model that reliably breaks through. Currently, other models stop at the sandbox.
Why measure capability by duration?
A model that supports long tasks can be a teammate with good or bad intentions. This chart demonstrates that AI can take on work that quadruples annually.
Putting frontier modelsto work for defense
As part of Project Glasswing, Mozilla brought Mythos Preview into their Firefox security review. The April release shipped 271 fixes for latent bugs found with the model, more than 20× the team's monthly average. Some had survived decades of human review.
Why measure capability by duration?
A model that supports long tasks can be a teammate with good or bad intentions. This chart demonstrates that AI can take on work that quadruples annually.
Project Glasswing preview
Our approach to Claude Mythos Preview access
Claude Mythos Preview is a model with significantly stronger cybersecurity capabilities, especially in exploit reasoning. This capability carries the greatest potential for misuse in security, and we’re rolling out access carefully as we work toward general access.
Securing critical software
Preview partners maintain critical infrastructure or software the world depends on, where a successful attack would be catastrophic.
Building towards general access
Anthropic is developing the safeguards required to release this capability broadly. The preview is how we learn to do that responsibly.
Providing tools for defenders today
Claude Security, the open-source reference tools, and the practices emerging from the preview are available to all security teams today.
Insights from defenders
"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."
Anthony Grieco
SVP & Chief Security & Trust Officer, Cisco
"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."
Anthony Grieco
SVP & Chief Security & Trust Officer, Cisco
Security-tuned technology
How security teams put Claude to work for defense
Across enterprise security programs and inside Anthropic, teams use Claude to improve risk posture through our products, platform, and models.
Find and fix vulnerabilities with Claude Security
Claude Security reasons about your code like a security researcher: scanning for vulnerabilities, validating findings, and proposing targeted patches.
Deploy security agents with the Claude Developer Platform
Ship defender tools and custom security agents with sandboxed execution, credential isolation, and audit logging built in via the Agent SDK, MCP, and Claude API.
"Anthropic ha dato priorità alla sicurezza e alla protezione molto più di altri LLM... In quanto più grande azienda di cybersecurity al mondo, per noi è un fattore decisivo."
Gunjan Patel, Director of Engineering
"Claude Security ha portato alla luce risultati nuovi e di alta qualità durante le nostre fasi iniziali di test della research preview, aiutandoci a individuare e affrontare potenziali problemi di sicurezza prima che potessero avere impatto sul nostro ambiente o sui nostri clienti. Vediamo un forte potenziale man mano che ne estendiamo l'utilizzo."
Krzysztof Katowicz-Kowalewski, Staff Product Security Engineer
● Scanning 247 files across app/, services/, routes/...
● Analyzing auth flows, input validation, file handling...
● Filtering by severity ≥ high...
● Found 4 findings in acme-corp/hookrelay
CRITICAL
Shell command injection via webhook payload
app/services/notifiers/script_runner.py:21 · Command injection
CRITICAL
JWT authentication bypass via "none" algorithm
app/auth/jwt_handler.py:28 · Auth bypass
CRITICAL
Path traversal in export file download endpoint
app/routes/exports.py:39 · Path traversal
HIGH
Server-side request forgery in destination URL validation
app/services/validator.py:36 · SSRF
✓ 12 lower-severity findings filtered out
Ship secure code in your CI/CD workflow
Use the Code Review skill to set up automated PR reviews to catch logic errors, security vulnerabilities, and regressions across your full codebase
In the workflow
Sicurezza per esigenze in continua evoluzione
Beneficia di capacità di ragionamento superiore e risposte di qualità umana.
Build threat context
Give scanning and response a map to work from. Claude derives a threat model from your codebase and past vulnerabilities, then enriches raw indicators with infrastructure links, attribution, and ATT&CK mapping so analysts start with context instead of building it by hand.
Vulnerability detection
Claude reads source code the way a researcher does, reasoning about reachability and exploitability, catching vulnerabilities that static tools often miss.A separate triage pass re-verifies every finding to help reduce false positives.
Patching
Findings now arrive faster than teams can fix them. Claude traces each one to its root cause, hunts sibling call sites with the same flaw, and writes a minimal diff with a regression test for your team to review.
Triage and verify findings
Hand Claude raw findings from any scanner and get back insights. Claude reads the surrounding code to confirm exploitability, deduplicates by root cause, and ranks by precondition and impact, so engineers can focus and work on real issues first.
Security review across the dev loop
Review code for security at every stage of development. Claude checks its own edits as it writes and fixes issues in the same session, then specialized agents re-examine pull requests against your codebase, posting verified findings inline without blocking your review gates.
Secure source code, end to end
As offensive capability accelerates, the find-and-fix loop has to close faster. Claude runs threat modeling, discovery, verification, triage, and patching as one continuous loop on your codebase, carrying context across every stage so each finding arrives at the fix with its full history.
Customer story
Cogent resolves security threats 97% faster with Claude
Claude Opus
500+
high-severity vulnerabilities found that survived decades of scrutiny and automated analysis
Cyber defense powered by Claude, available through our partners
Claude Security
In che modo i team di sicurezza utilizzano Claude
Rilevamento e correzione delle vulnerabilità
Trova le vulnerabilità e i suggerimenti per la correzione in un unico flusso. Claude traccia i flussi di dati nell'intera codebase, stabilisce se un risultato è vulnerabile, prepara una patch conforme ai modelli della codebase e apre una pull request per la revisione da parte del team.
Claude Developer Platform
Building defender agents and products with Claude
Build security products
Integrate Claude's reasoning into your security platform or product through the API and Agent SDK.
- Connect Claude to your scanning, alerting, and remediation workflows through MCP
- Spawn specialized subagents for parallel tasks like triage, severity scoring, and patch generation
- Deploy in sandboxed containers with network controls, credential isolation, and audit logging built into the SDK
"Claude ha mostrato costantemente le migliori prestazioni nei flussi di lavoro complessi e agentici, in particolare nelle indagini a più fasi che richiedono aderenza alle policy e ragionamento prolungato su più strumenti."
Anirudh Ravula, Head of AI
"Il settore della sicurezza si è sempre mosso troppo lentamente rispetto agli attaccanti. L'AI cambia radicalmente l'equazione: è come dare un jetpack ai difensori che fino a ieri potevano solo camminare."
Martin Holste, CTO of Cloud & AI
"Anthropic ha dato priorità alla sicurezza e alla protezione molto più di altri LLM... In quanto più grande azienda di cybersecurity al mondo, per noi è un fattore decisivo."
Gunjan Patel, Director of Engineering
Project Glasswing preview
Insights from our most capable model
Claude Mythos is a research preview model tuned for advanced vulnerability discovery, exploit reasoning, and autonomous security investigation. Mythos extends what Opus can do on the hardest classes of security work.
Cyber defense powered by Claude Opus, available through our partners
