Project Glasswing Explained: Anthropic's AI Cybersecurity Consortium
On April 7, 2026, Anthropic announced Project Glasswing -- a private consortium of 12 founding members built to harden critical software against AI-accelerated attacks. The members read like a short list of the companies that actually hold the internet together: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and Anthropic itself. The price tag is $104 million -- $100M in Claude API usage credits plus $4M in cash donations to the Linux Foundation and Apache. The first public report is due early July 2026. If you run security for a mid-sized enterprise, you are not in the room. But the patches that ship into your stack this summer will almost certainly come from it.
- What it is: Project Glasswing is a private Anthropic-led consortium launched April 7, 2026 to find and fix CVE-class vulnerabilities in critical software with AI-driven analysis, before adversaries do.
- Who is in: 12 founders -- AWS, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks. Plus 40+ organizations on an extended allow-list.
- The money: $100M in Claude API usage credits for partners, $2.5M to the OpenSSF Alpha-Omega program via Linux Foundation, and $1.5M to the Apache Software Foundation.
- Who gets access: Tiered. Founders get deepest collaboration. 40+ extended partners get filtered access. Open-source maintainers apply through the Claude for Open Source program.
- First deliverable: A public report on fixed vulnerabilities and operational learnings, early July 2026 -- roughly 90 days post-launch.
- Governance roadmap: Anthropic-led today; a medium-term transition to an independent third-party body that includes public-sector organizations is planned. No timeline set.
- Implications for us: We will receive the benefit of upstream fixes without being in the consortium. Expect a meaningful patch wave in July. Our exposure window on newly disclosed CVEs shrinks for covered stacks and widens for everything else.
Mythos Preview has been replaced by Claude Mythos 5. As of June 9, 2026, Glasswing partners moved off the April Mythos Preview build and onto Mythos 5, Anthropic's most capable model tier for the program. Mythos 5 is the same underlying model as the new generally available Claude Fable 5, but with the standard safeguards lifted for the consortium's vetted cyberdefenders. Where Fable 5's classifiers route higher-risk queries to a more restricted model, Glasswing partners get the unconstrained defensive capability.
The consortium has grown to roughly 150 organizations. The program launched in April 2026 with an initial group of ten industry leaders -- AWS, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. It has since expanded to around 150 organizations, with newly reported additions including Dragos, Tenable, Trend Micro, Netskope, BeyondTrust, Rubrik, BT, ICE, and Hitachi. Membership remains invitation-only and NDA-bound; the numbers above are vendor- and industry-reported rather than independently audited.
Glasswing by the Numbers
Four numbers define the shape of the initiative. Memorize these and you can hold a conversation about Glasswing with any C-suite.
The 12 Founding Partners, Grouped by Stack Layer
The selection is not random. Each founder covers a different layer of the software supply chain -- infrastructure, endpoint, silicon, open source, finance, and the frontier AI itself. Together they cover roughly the full path a vulnerability travels from hardware to hosted workload.
| Layer | Members | Role in Glasswing |
|---|---|---|
| Cloud / Hyperscale | AWS, Google, Microsoft | Runtime environments, cloud-native services, managed infrastructure |
| Endpoint & Network | CrowdStrike, Palo Alto Networks, Cisco | EDR, firewall, SASE, threat detection across enterprise perimeters |
| Hardware / Silicon | NVIDIA, Broadcom, Apple | Chips, device security, supply-chain integrity, secure enclaves |
| Open Source | Linux Foundation | Stewardship of foundational OSS through OpenSSF and Alpha-Omega |
| Finance / Critical Industry | JPMorganChase | Banking-sector threat model, regulated-industry operational reality |
| Frontier AI | Anthropic | Consortium lead, Claude model access, coordination, funding |
Follow the Money: $104M in Three Buckets
The headline funding number is $104M. It breaks into one large in-kind commitment and two much smaller cash grants -- and the shape matters. The overwhelming majority of dollars stays inside Anthropic's economic gravity well (usage credits on Anthropic infrastructure), while a minority goes to independent OSS foundations.
Reading the ledger: 96% of the announced commitment is in-kind Claude API credits -- useful only if you are already running Claude-based tooling. The $4M in cash donations is real independent money but modest at foundation scale. Expect the OSS community to welcome the grants while pressing for more cash relative to credits in any follow-on round.
Who Gets Access: The Three-Tier Model
Access is not a single thing. It is a tiered allow-list, and the tier you sit in determines how much of Glasswing actually reaches your team.
Everyone else (including you, most likely): You receive the downstream benefit of any fixed vulnerabilities when partners release patches through normal distribution channels. You do not get early-warning disclosure, threat intelligence shared within the consortium, or access to the Claude credits. Plan accordingly: this is not a program you can apply to for enterprise advantage.
Partner Voices: What They Are Actually Saying
The quotes released with the announcement reveal the angle each founder is taking. Pay attention to what gets emphasized -- and what gets elided.
What to notice: The Microsoft quote references Claude Mythos Preview -- not public Claude -- indicating partners get early access to unreleased safeguarded models. That access asymmetry is one of the real differentiators for consortium members.
Governance: Now vs Later
Glasswing has two governance models -- a present one and a future one. The gap between them is where most of the open questions live.
Today: Anthropic-Led
As of launch, Anthropic manages access (who gets in), funds credits (the $100M usage pool), and coordinates disclosure (which fixes move through which partners, in which order). There is no independent board, no rotating chair, no public charter. Anthropic is the convener, the treasurer, and the disclosure traffic cop.
Medium-Term: Independent Third-Party Body
Anthropic has stated publicly that the consortium will transition to an independent third-party governance body bringing together private-sector and public-sector organizations. No timeline has been attached. No candidate organizations have been named. No charter has been published.
For security leaders evaluating Glasswing's outputs: Until the independent body exists with a published charter, every Glasswing disclosure passes through an entity with a direct commercial interest in Claude adoption. That is not disqualifying, but it is context you should carry when reading a Glasswing report.
The Political Context: Why This Is a Private Consortium
Glasswing launched into a political environment that actively disfavors Anthropic in some government corridors -- and that shapes why it looks like a private industry pact rather than a government partnership.
Senator Warner Applauds
Senator Mark Warner (D-VA), vice chair of the Senate Intelligence Committee, publicly endorsed the launch, praising the founders for "recognizing this threat and proactively sharing information, capabilities, and computing capacity." Warner's Intelligence Committee role gives that endorsement weight in the national security community.
Trump Administration Friction
According to reporting from The Guardian, the Trump administration has banned government and military use of Anthropic's products and labeled the company a "supply-chain risk." That posture closes the door on the kind of public-private program that CISA has historically anchored. A private consortium is what remains viable when the executive branch is hostile.
Wall Street Briefing
Also reported by The Guardian: Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell reportedly convened Wall Street executives to prepare for "Mythos-class" risks -- a reference to Anthropic's next-generation safeguarded model tier. JPMorganChase's participation as a Glasswing founder reads differently in that context: the bank is not experimenting, it is hardening.
Why this matters for your planning: Glasswing is the private sector building a cybersecurity muscle that, in an earlier political cycle, would have been anchored by a government program. If federal AI-security funding shrinks or stalls, expect more private consortia of this shape, not fewer.
Critiques and Open Questions
Not everyone is applauding. Four critiques are worth taking seriously before you assume Glasswing is unambiguously net-positive.
How Partners Access Claude: Platform Routes
Different founders route Claude access through different platforms. If you want to understand which vendor's channel a fix might flow through, these are the four paths.
Glasswing Timeline: Leak, Launch, 90-Day Report
The public trajectory has four visible markers and two signposted future ones.
Who Should Care About Glasswing
Four professional audiences should read the July report carefully. Here is what each one is looking for.
Learn More: Video Resources
Video coverage pending editorial review. Analyst explainers on the Project Glasswing announcement, the 12-founder consortium structure, and the forthcoming 90-day report are emerging across the security community. We will add verified video embeds once they meet our sourcing threshold. Until then, the Anthropic announcement, Frontier Red Team research page, and founder companies' press statements are the authoritative written sources.
Go Deeper
Resources from across Tech Jacks Solutions
What Is Agentic AI?
Understand the architecture behind autonomous AI agents
Prompt Engineering Library
Prompting techniques that get better results from any AI
FREEAI Governance Charter
Establish your organization's AI principles in one document
AI Glossary
Definitions for AI terms used in this article