Claude Mythos 5 & Project Glasswing: What Security Teams Need to Know

exodata.io
Security |Claude Mythos 5 |Project Glasswing |AI Security |Threat Detection |Anthropic

Published on: 9 June 2026

The most security-relevant part of Anthropic’s June 9, 2026 launch isn’t a benchmark—it’s the safety architecture and the introduction of Project Glasswing. Alongside the general-purpose Claude Fable 5, Anthropic released Claude Mythos 5, a restricted variant with certain safeguards lifted for vetted partners in cybersecurity and life sciences. For security leaders, this release is worth understanding on two fronts: the defensive safeguards built into the model everyone can use, and the new access model for the model most can’t.

Two Models, Two Security Postures

  • Fable 5 is the model your organization will actually deploy. It ships with offensive-cyber safeguards fully enabled.
  • Mythos 5 is restricted. Its safeguards are lifted only for authorized cybersecurity and life-sciences users, starting with Project Glasswing partners and expanding to vetted biomedical researchers. It is not generally available, and that’s by design.

The distinction matters because it tells you how Anthropic is thinking about dual-use risk: keep powerful, potentially offensive capabilities behind a vetting gate, while shipping a hardened general model to everyone else.

The Safeguards That Ship in Fable 5

For defenders evaluating AI for their own environment, the safety claims in this release are notably concrete:

  • Offensive-cyber blocking. Fable 5 is built to refuse exploitation and offensive cyber tasks. Anthropic reports external red-teaming found zero successful jailbreaks across 30 public techniques, with validation from outside security organizations and the UK AI Safety Institute.
  • Fallback instead of flat refusal. When a request trips a safety classifier, it’s routed to Claude Opus 4.8 rather than simply denied—reducing the productivity tax of false positives.
  • Low false-positive rate. Safeguards trigger in under 5% of sessions on average.
  • Distillation prevention. Built-in protections resist attempts by competing models to extract capabilities.
  • Alignment. Anthropic reports Mythos 5 showed low misaligned behavior comparable to Claude Opus 4.8 in automated assessment.

Independent red-teaming is the right lens to judge claims like these—something we’ve explored in our look at lessons from red-teaming generative AI products. “Zero jailbreaks across 30 techniques” is a real result, but it’s a snapshot; adversaries iterate, and so should your evaluation.

The Data-Retention Rules You Must Flag

This is the detail to bring to your compliance and legal teams before any adoption:

  • Mandatory 30-day retention applies to Mythos-class model traffic.
  • Retained data is used only for safety purposes and deleted after 30 days.
  • Human access is fully logged.

For most security programs this is reasonable, but it is not optional, and it interacts directly with data-classification and regulatory obligations. If you operate under NIST 800-171 or CMMC, HIPAA, or similar frameworks, confirm that a mandatory 30-day retention window is compatible with your data-handling commitments before you route sensitive data through these models.

What Project Glasswing Signals for Defenders

Project Glasswing is Anthropic’s vetted-partner program giving trusted cybersecurity organizations access to Mythos 5 with cyber safeguards lifted—so defenders can use the full capability for legitimate security work while the same capability stays gated for everyone else. The strategic read:

  • AI-assisted defense is professionalizing. Frontier-grade capability for security work is moving toward a vetted, accountable access model rather than open availability.
  • The capability gap is real but governed. The same model power that could accelerate attacks is being deliberately fenced—an acknowledgment that AI cuts both ways in security, a theme we’ve covered in how AI is shaping cybersecurity.
  • Defenders should plan for AI-capable adversaries regardless. Whether or not your team has Glasswing access, your threat model should assume attackers are using capable AI. Fundamentals—patching, segmentation, identity, monitoring—matter more, not less.

Practical Guidance for Security Leaders

  1. Default to Fable 5. Unless you’re a vetted Glasswing partner, Fable 5 with full safeguards is your model. Don’t architect around Mythos 5 access you don’t have.
  2. Run your own evaluation. Vendor red-team results are a starting point, not a substitute for testing against your data and use cases.
  3. Write the data policy first. Classify what may pass through the model, account for the 30-day retention window, and get compliance sign-off before production use.
  4. Keep humans on detections. Use AI to triage, summarize, and accelerate—not to auto-action security decisions without review.
  5. Strengthen the basics. AI-capable adversaries make solid cybersecurity hygiene and trustworthy AI deployment practices more important than ever.

How Exodata Helps Security Teams

We help organizations adopt AI like Fable 5 within a sound security and compliance posture—data classification, access controls, retention review, and human-in-the-loop detection workflows—so you capture the upside without expanding your attack surface. To talk through where these models fit in your security program, contact our team.

Frequently Asked Questions

What is Claude Mythos 5 and who can use it?

Claude Mythos 5 is a restricted-access model from Anthropic with certain safeguards lifted for authorized users in cybersecurity and life sciences. Access starts with Project Glasswing cybersecurity partners and expands to vetted biomedical researchers. It is not generally available—most organizations will use Claude Fable 5 instead.

What is Project Glasswing?

Project Glasswing is Anthropic’s vetted-partner program that gives trusted cybersecurity organizations access to Claude Mythos 5 with cyber safeguards lifted, so defenders can use the full capability for legitimate security work while the same power remains gated for the general public.

Is Claude Fable 5 safe against offensive-cyber misuse?

Anthropic reports that Fable 5 blocks exploitation and offensive cyber tasks, and that external red-teaming—including the UK AI Safety Institute—found zero successful jailbreaks across 30 public techniques. Flagged requests fall back to Claude Opus 4.8 rather than being refused, and safeguards trigger in under 5% of sessions. Security teams should still run their own evaluations.

What are the data-retention rules for these models?

Mythos-class model traffic is subject to a mandatory 30-day retention window. Retained data is used only for safety purposes, deleted after 30 days, and human access is fully logged. Security and compliance teams should confirm this is compatible with their regulatory obligations before routing sensitive data through the models.

How should security teams respond to AI models like these?

Default to Fable 5 with full safeguards, run independent evaluations rather than relying solely on vendor results, write a data-classification and retention policy before production use, keep humans in the loop on detections, and assume adversaries also have capable AI—making core security hygiene more important, not less.

Related Posts

Security

CIS Benchmarks for Azure: Infrastructure Hardening Checklist [2026]

Harden your Azure environment using CIS Benchmarks. This checklist covers identity, networking, stor...

 Security

Conditional Access Policies in Azure AD: Complete Setup Guide [2026]

Configure Azure AD conditional access policies step-by-step. Covers MFA enforcement, device complian...

 Security

Microsoft Intune Setup Guide: Endpoint Management Step-by-Step [2026]

Complete Intune setup in 12 steps: licensing, tenant config, Windows/iOS/Android enrollment, complia...

 Security

Cisco SD-WAN Zero-Day: What Your Business Needs to Do Right Now

CISA issued an emergency directive for CVE-2026-20127, a critical Cisco SD-WAN flaw exploited since ...
← Back to Blog