Skip to main content

Microsoft Turns to Anthropic’s Mythos to Improve Cyber Defense

Microsoft has unveiled plans to incorporate Anthropic’s Claude Mythos Preview model and other AI models into its Security Development Lifecycle, embedding AI directly into the stages where code is written and tested.

Rather than relying primarily on static analysis tools, Microsoft is adopting AI models capable of analyzing code dynamically and identifying complex vulnerabilities that might otherwise go undetected until later stages of development.

Released on April 7, Anthropic’s Mythos model has already demonstrated a previously unmatched ability to uncover critical flaws across operating systems and widely used software. Anthropic claimed that the model’s ability to find security vulnerabilities is so advanced that it should not be released to the public.

Microsoft gained access to the model through Anthropic’s Project Glasswing, a program that grants limited access to select tech firms for cybersecurity research. Within this framework, Microsoft is reporting measurable improvements to cybersecurity.

Microsoft’s strategy focuses on embedding AI deeper into the security workflow while extending its impact beyond internal development. Within engineering teams, AI models are being applied earlier in the coding process to identify and remediate issues before software is finalized.

For customers, Microsoft aims to provide clearer visibility into risk exposure across infrastructure, including patching gaps and externally accessible systems. In parallel, the company is building tools that can manage vulnerability detection and remediation at scale, including a multi-model scanning platform expected to enter preview in 2026.

Microsoft’s platforms, of course, form a substantial portion of global IT infrastructure. Enhancements to the company’s internal security practices could strengthen protections across this ecosystem without requiring direct adoption of the underlying AI models.

New Risks

The rise of advanced AI introduces a host of new risks. The same systems that accelerate vulnerability detection can also be used to identify and exploit weaknesses more quickly. Microsoft acknowledged that today’s AI capabilities are compressing the window between discovery and attack, increasing the importance of rapid mitigation.

Earlier, less reliable generations of security tools focused on identifying known issues through predefined rules. AI-driven systems, by contrast, can adapt based on prior findings, simulate attack scenarios, and operate continuously as code evolves. This is redefining expectations for securing software before deployment.

Despite these advances, any IT pro will tell you that AI cannot completely replace human expertise. Because these models rely on learned patterns, they may struggle to identify entirely new categories of vulnerabilities. Human oversight remains critical, particularly in high-risk or completely new scenarios.



from DevOps.com https://ift.tt/QsT9bjI
Labels:

Comments

Post a Comment

Popular posts from this blog

Cursor’s New SDK Turns AI Coding Agents Into Deployable Infrastructure

For most of its life, Cursor has been an IDE. A very good one. But with the public beta of the Cursor SDK, the company is making a different kind of move — one that should get the attention of DevOps teams. The Cursor SDK is a TypeScript library that gives engineers programmatic access to the same runtime, models, and agent harness that power Cursor’s desktop app, CLI, and web interface. In short, the agents that used to live inside an editor can now be invoked from anywhere in your stack. That’s a meaningful shift in how AI coding tools fit into software delivery pipelines. From the Editor to the Pipeline If you’ve used Cursor before, the workflow is familiar — you interact with an agent in real time, asking it to write functions, fix bugs, or review code. The SDK breaks that dependency on interactive use. Now you can call those same agents programmatically, from a CI/CD trigger, a backend service, or embedded inside another tool. Getting started is a single inst...
Post a Comment
Read more

Mistral Moves Coding Agents to the Cloud — and Gets Out of Your Way

For the past year or so, AI coding agents have been tethered to your local machine. You kick off a task, watch the terminal, and babysit every step. It works — but it’s not exactly hands-free. Mistral just changed that. On April 29, the Paris-based AI company announced remote coding agents for its Vibe platform, powered by a new model called Mistral Medium 3.5. The idea is simple: Instead of running coding sessions on your laptop, they now run in the cloud — asynchronously, in parallel, and without you watching over them. What’s Actually New Coding sessions can now work through long tasks while you’re away. Many can run in parallel, and you no longer become the bottleneck at every step the agent takes. That’s the core pitch. You start a task from the Mistral Vibe CLI or directly from Le Chat — Mistral’s AI assistant — and the agent handles the rest. When it’s done, it opens a pull request on GitHub and notifies you, so you review the result inste...
Post a Comment
Read more

GitHub Resets Copilot Pricing as AI Compute Costs Surge

The development community saw this one coming: GitHub will transition its Copilot service to a usage-based billing model on June 1, replacing its existing system of fixed subscriptions supplemented by premium request limits. As reported last week, GitHub suspended new sign-ups for several of its Copilot subscription tiers as it faced a surge in demand from agentic coding workflows. To address that, under GitHub’s new pricing model, customers across individual, business, and enterprise tiers will receive a monthly allocation of AI credits, which are consumed based on token usage. This includes input, output, and cached data processed by underlying models. Once those credits are exhausted, users can purchase additional capacity at published rates. The change leaves base subscription prices intact. Individual plans remain priced at $10 per month for Pro and $39 for Pro+, while business and enterprise tiers continue at $19 and $39 per user per month, respectively. Each plan’s monthly ...
Post a Comment
Read more