The US Cybersecurity and Infrastructure Security Agency (CISA) has started using the Mythos artificial intelligence model to scan government software for cyber vulnerabilities. The system has already helped to identify numerous potential vulnerabilities in code repositories.
- CISA uses Mythos to audit government software code.
- The model identified a large number of potential vulnerabilities.
- Anthropic continues to work with the US government following the conflict.
- Mythos is also being tested by the US National Security Agency.
- The use of AI is transforming approaches to cybersecurity in the US.
Artificial intelligence checks government software
The US Cybersecurity and Infrastructure Security Agency (CISA) uses Mythos, a specialised artificial intelligence model developed by Anthropic, to automatically analyse government software code repositories. The checks are carried out by the Attack Surface Evaluation team, which is responsible for auditing the cybersecurity of federal systems and identifying potential vulnerabilities.
According to three of the agency’s sources, the model has already helped to identify a significant number of vulnerabilities that could potentially have been exploited by cybercriminals or foreign intelligence services. However, details regarding the nature of the vulnerabilities identified or the scale of the systems tested are not being disclosed at this stage.
Despite the controversy, Anthropic is returning to government projects
Usage. Mythos This comes after a difficult period in relations between Anthropic and the US authorities. Earlier this year, the company refused to lift restrictions prohibiting the use of its models for autonomous weapons and mass surveillance. As a result, the Pentagon temporarily added Anthropic to its list of companies posing a heightened risk to supply chains.
Subsequently, a court blocked this decision, and cooperation between the company and government bodies resumed. Mythos is already being used by the NSA. According to Reuters and other US media outlets, the Mythos model is also being tested at the US National Security Agency (NSA). It was previously reported that NSA analysts had given a positive assessment of the system’s ability to identify cyber vulnerabilities and analyse software code, even in classified environments.
Why it matters
The integration of artificial intelligence into the cyber defence processes of federal systems reflects a shift in the US intelligence agencies’ approach to digital security. The use of AI makes it possible to identify potential vulnerabilities much more quickly, but at the same time raises questions regarding oversight, security and the role of private AI companies in government projects.







