There is a number that concentrates minds in enterprise cybersecurity right now. The window between the moment a software vulnerability is discovered and the moment it is actively weaponized by an attacker has collapsed from months to seconds. Not weeks. Not days. Seconds.

by Kasun Illankoon, Editor-in-Chief, at Tech Revolt

[For more news, click here]

The AI-assisted exploitation tools available to threat actors have compressed a timeline that defenders spent two decades trying to shorten, and the compression happened fast enough that most organizations are still catching up. The most consequential question in enterprise security at this moment is not whether your software has vulnerabilities. It does. The question is who finds them first.

That is the context in which BeyondTrust, the global leader in privilege-centric identity security, has joined Project Glasswing, Anthropic's initiative to secure the world's most critical software infrastructure. The company's selection places it among a group of vendors whose codebases sit underneath global commerce, government systems, healthcare networks, and essential services. What makes BeyondTrust's inclusion particularly significant is what it guards: the privilege layer, the access controls and identity governance that determine who and what can reach the most sensitive systems in any enterprise environment.

Why Privilege Is the New Perimeter

To understand why BeyondTrust's role in Project Glasswing matters beyond the Middle East region where the company maintains a strong enterprise presence, it helps to understand what privilege security actually is, and why its importance has grown sharply in the AI era. Every enterprise environment runs on identities: human administrators, service accounts, workload processes, and now AI agents. Each of those identities has a privilege level, a defined boundary of what it can access and what it can do. The architecture that governs those privileges is, in effect, the last line of meaningful defense in a world where perimeter security has become a largely theoretical concept.

The emergence of AI agents as a distinct class of identity has added a new layer of complexity to this picture. AI agents can operate with access to sensitive systems, data, and business processes, often at a speed and scale that human oversight struggles to match. They are, as BeyondTrust frames it, one of the fastest-growing yet least-governed classes of privileged identities in any enterprise environment today. That means the software responsible for governing them carries an outsized proportion of the security risk for the organizations that deploy it.

"Millions of the world's most important workloads are protected by privilege controls that we build and maintain. That is a responsibility we take seriously. As AI reshapes both software development and cyber defense, the organizations responsible for securing critical infrastructure must continuously raise the bar."Janine Seebeck, Chief Executive Officer, BeyondTrust

Janine Seebeck, Chief Executive Officer of BeyondTrust, frames the company's participation in Project Glasswing as a natural extension of that responsibility. "Project Glasswing gives us an opportunity to do exactly that by continuing to strengthen the security and resilience of the software our customers rely on to protect all human, machine, and agentic identities," she said.

What Claude Mythos Preview Actually Does Here

As part of Project Glasswing's recently announced expansion, BeyondTrust gains access to Claude Mythos Preview, Anthropic's frontier AI model that is not publicly available and is being deployed specifically within the program. Across Project Glasswing's partner network, Claude Mythos Preview has already demonstrated meaningful results, helping participating organizations surface more than 10,000 high and critical severity vulnerabilities. That is not a theoretical benchmark. Those are real exposures, found in real production codebases, that represent real attack surface reduction for the organizations that operate them.

Claude Mythos Preview in Action

Anthropic's frontier model is being deployed defensively across Project Glasswing partners to identify, validate, and remediate critical software vulnerabilities before attackers can exploit them.

BeyondTrust will apply Claude Mythos Preview defensively across its product portfolio and the BeyondTrust Pathfinder Platform, the unified architecture that secures privilege for human, machine, and agentic identities across endpoints, cloud, and on-premise environments. The practical workflow is identify, validate, and remediate. AI finds the candidate vulnerability, confirms it is real and exploitable, and supports the engineering process of closing it. The speed advantage is significant: a process that might take a security research team weeks to complete can be compressed into a fraction of that time when a capable AI model is doing the initial analysis at scale.

Marc Maiffret, Chief Technology Officer of BeyondTrust, is direct about the nature of the challenge and the reasoning behind collective defense. "The threats ahead are bigger than any one vendor, and the response has to be shared," he said. "We are honored to stand with Anthropic and the other members of Project Glasswing, applying Mythos to our own code to further strengthen the security of the products our customers depend on, and doing our part in a defense no one can mount alone."

"The threats ahead are bigger than any one vendor, and the response has to be shared. We are honored to stand with Anthropic and the other members of Project Glasswing, doing our part in a defense no one can mount alone."Marc Maiffret, Chief Technology Officer, BeyondTrust

A Collective Defense Model for the AI Era

Project Glasswing reflects a structural argument that Anthropic has been making with increasing clarity: that the most consequential cybersecurity work of the next decade will not happen inside individual companies, but in coordinated coalitions where AI capability is shared across the vendors that maintain the world's foundational software. The logic is straightforward. Critical infrastructure, by definition, is interconnected. A vulnerability in the privilege layer of a healthcare network does not stay in that network. The attack surface is collective, and so the defense has to be.

For a US enterprise audience, BeyondTrust's participation in Project Glasswing carries direct relevance. American organizations in financial services, federal government, defense contracting, and healthcare are among the heaviest users of privilege security software globally. The privilege controls that BeyondTrust builds and maintains sit inside some of the most sensitive environments in the country. When those controls are hardened using a frontier AI model capable of surfacing vulnerabilities that conventional security research would take far longer to find, the downstream benefit flows directly to the enterprises and government agencies that depend on them.

The timing also matters. The United States Cybersecurity and Infrastructure Security Agency has repeatedly flagged identity and privilege management as a tier-one attack vector in recent years, and the acceleration of AI-assisted threat tools has made the remediation timeline question more urgent than it has ever been. BeyondTrust's entry into Project Glasswing is a direct response to that urgency, using the same category of AI capability that makes modern attacks faster to make the defense faster too.

The Agentic Identity Problem Is Only Getting Larger

Perhaps the most forward-looking dimension of BeyondTrust's Project Glasswing participation is what it signals about where privilege security is heading. The Pathfinder Platform was built to govern not just human and machine identities, but agentic ones, the AI-driven processes that are now operating with real access to real systems across enterprise environments worldwide. As that population of agentic identities grows, the security demands on the software that governs them will grow with it. Applying an AI model of Claude Mythos Preview's capability to the code that governs AI agents is, in a structural sense, exactly the kind of recursive security investment the current threat environment demands.

The companies that will emerge from the current AI transition with the strongest security posture are the ones that are using AI defensively at the same pace their adversaries are using it offensively. BeyondTrust, through Project Glasswing, has made a clear organizational commitment to being on that side of the equation. For the enterprises whose most critical workloads run on BeyondTrust's privilege controls, that commitment is meaningful, and measurable.

Related Articles:

Censys Expands Attack Surface Management Platform With New Capabilities for Enterprise Security Teams

What Apple's Overhauled Siri Actually Needs to Do to Win Back Its Users

Liferay AI Hub Gives Middle East Enterprises a Low-Code Path to Governed AI Agent Deployment