CISA Deploys Anthropic's Mythos Model to Audit U.S. Government Code
Key Takeaways
- ▸CISA's Attack Surface Evaluation team is leveraging Anthropic's Mythos model to scan and audit federal government code repositories for security vulnerabilities
- ▸The model has already identified numerous bugs and weaknesses that could potentially be exploited by foreign intelligence services or cyber criminals
- ▸This high-profile government adoption signals renewed confidence in Anthropic's technology despite recent conflicts with the White House over AI safety safeguards
Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic's Mythos AI model to scan government code repositories for vulnerabilities that could expose federal systems to foreign adversaries and cybercriminals, according to sources familiar with the initiative. The audits are being conducted by CISA's Attack Surface Evaluation team, which specializes in digital security assessments and offensive security exercises across the federal government.
The ongoing code audits have already uncovered a significant number of vulnerabilities, though the scope and severity of findings remain undisclosed. The initiative represents a major boost for Anthropic's government credibility, coming as the company navigates a warming—but still complex—relationship with U.S. federal agencies.
The partnership emerges following a period of heightened tensions. The Pentagon formally blacklisted Anthropic in February over its refusal to remove AI safeguards preventing autonomous weapons and surveillance applications, but a federal judge blocked that designation in March. The National Security Agency has been quietly using Mythos since April, with analysts reportedly impressed by the model's vulnerability-detection capabilities. Anthropic is currently pursuing a confidential IPO filing.



