Anthropic
Sources: Anthropic (homepage) · Project Glasswing · Claude Code Security · Frontier Red Team — zero days
AI lab; producer of Claude foundation models (Opus, Sonnet, Haiku) and preview-stage Claude Mythos Preview frontier model. CoSAI Premier Sponsor, ISO 42001 certified. Referenced 17+ times across the wiki.
Notable Output (security-relevant)
- Project Glasswing (announced May 12, 2026): 12-partner coalition initiative with $100M in usage credits + $4M in OSS-security donations applying Mythos to defensive vulnerability discovery on critical software. Partners: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, plus 40+ extended-access organizations. Mythos is also deployed offensively (non-Glasswing-partner) via XBOW (see XBOW’s evaluation). Mythos is NOT planned for general availability: preview-only at $25/$125 per M tokens via Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. Anthropic commits to 90-day public reporting on Glasswing findings.
- Claude Code Security (announced Feb 20, 2026): defender-first vulnerability-discovery capability built into Claude Code on the web. Limited research preview for Enterprise + Team customers with expedited free access for OSS maintainers. Read-and-reason analysis + multi-stage self-critique verification (“Claude attempts to prove or disprove its own findings”) + severity + confidence ratings + dashboard review with human-approval-gated patches. Capability anchor: Anthropic FRT found 500+ vulnerabilities in production OSS codebases using Claude Opus 4.6 (cited via red.anthropic.com/2026/zero-days/). See the paper page.
- 2026 Agentic Coding Trends Report (early 2026): vendor strategic forecast with Trend 8 (“agentic coding improves security defenses — but also offensive uses”) and Priority 4 (“embedding security architecture as a part of agentic system design from the earliest stages”).
- Frontier Red Team blog (red.anthropic.com): technical detail layer for the FRT’s CTF evaluations, PNNL critical-infrastructure partnership, and zero-days discovery work.
Relevance to This Wiki
Anthropic occupies three distinct slots on the ai-vuln-discovery axis: (a) coalition organizer (Project Glasswing, the May 2026 capability-distribution mechanism across 52+ organizations); (b) commercial-preview product vendor (Claude Code Security, the Feb 2026 defender-first productization on Claude Code on the web); (c) model substrate (Mythos + Claude Opus 4.6, the underlying capability that the Anthropic FRT used to find 500+ OSS vulnerabilities). Across all three slots, the strategic framing is defender-first: capabilities are distributed to defenders ahead of offensive exposure via Glasswing partner restrictions, Mythos’s no-GA stance, and CCS’s expedited-OSS-maintainer access.
Methodologically, Anthropic is convergent with OpenAI (Codex Security) on rejecting rule-based SAST as the prior generation and adopting the human-security-researcher metaphor. See Adversarial Reflexion for the cross-product FP-control discipline.
Contradicts MOAK empirical results
The Anthropic Red Team publicly stated: “Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them. This gives defenders the advantage.” (cited in MOAK origin story, Apr 9 2026).
MOAK’s published results demonstrate 98% autonomous exploitation of CISA KEVs using Claude Opus 4.6 as a primary model inside a five-agent agentic pipeline — directly contradicting the claim that Opus 4.6 does not give attackers exploitation capability. The Anthropic statement may accurately characterize bare-model capability; it does not account for agentic orchestration, which MOAK demonstrates closes the gap. See MOAK origin story for the full analysis.
Adjacent Gaps
- FRT zero-days post (red.anthropic.com/2026/zero-days/) cited as the load-bearing capability anchor for Claude Code Security; not yet ingested.
- FRT critical-infrastructure post (red.anthropic.com/2026/critical-infrastructure-defense/): PNNL partnership cited inline; not yet ingested.
- FRT CTF post (red.anthropic.com/2025/ai-for-cyber-defenders/): Claude entered in competitive Capture-the-Flag events; not yet ingested.
- Full product line and SKU map; ISO 42001 + AIUC-1 posture; complete personnel list; FRT team breakdown; relationship to US-government AI Safety Institute (AISI); the proposed “independent third-party body” governance structure floated in the Glasswing post.