The U.S. government has taken another major step in adopting artificial intelligence for cybersecurity. Its top cyber defence agency is now using Anthropic’s advanced AI model to scan government software for vulnerabilities before hackers can exploit them.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has begun using Anthropic’s Mythos AI model to search government software for security vulnerabilities.
People familiar with the project say CISA’s Attack Surface Evaluation team is leading the effort. The AI system scans government code repositories, identifies potential weaknesses and helps security teams investigate them faster.
The project has already produced results. According to sources, the AI-assisted reviews have uncovered a large number of software vulnerabilities. Officials have not disclosed the affected systems or the severity of the flaws for security reasons.
The deployment marks a significant milestone for AI in cybersecurity. Government agencies have traditionally relied on human analysts to inspect software for weaknesses. AI can now review massive codebases in a fraction of the time, allowing experts to focus on verifying and fixing the issues it finds.
See Also: Meta Adds Bilingual Captions, New Templates and Sound Effects to Its Edits App
The decision also highlights Anthropic’s growing role in national security. Despite recent disagreements between the company and the U.S. government over AI safeguards, federal agencies continue adopting Anthropic’s technology for specialised security work. The National Security Agency (NSA) reportedly began testing Mythos earlier this year and found it effective for identifying software vulnerabilities.
Anthropic has invested heavily in AI-powered software security. Earlier this year, the company launched Project Glasswing, an initiative that brings together technology companies to strengthen the security of critical software using advanced AI tools.
The move comes as cyber threats continue to grow in both scale and sophistication. Governments increasingly face attacks targeting critical infrastructure, public services and sensitive data. Detecting vulnerabilities before attackers discover them has become a top cybersecurity priority.
AI offers clear advantages in that mission. Unlike traditional scanning tools, advanced models can analyse code, understand programming logic and identify complex security weaknesses that might escape automated rule-based systems. Human experts still review the findings before deploying fixes, reducing the risk of false alarms.
The initiative also reflects a broader trend across government. Federal agencies are increasingly exploring AI not only to improve productivity but also to strengthen national cyber defences. As AI systems become more capable, they are evolving into powerful assistants for security professionals rather than replacing them.
Success will depend on more than speed. The same technology that helps governments discover vulnerabilities could also become a powerful tool for cybercriminals if it falls into the wrong hands.
That reality explains why AI companies and governments now treat cybersecurity as one of the most important frontiers for artificial intelligence. The race is no longer just about building smarter AI.
It is about ensuring the safest systems find security flaws before attackers do.

