US Cyber Agency Utilizes Mythos for Code Audits in Government
We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!
Quick Overview
- The US Cybersecurity and Infrastructure Security Agency (CISA) is utilizing Anthropic’s AI technology, Mythos, to assess government software for vulnerabilities.
- Mythos has played a key role in pinpointing possible cybersecurity risks within government code repositories.
- Anthropic’s association with the US government has been intricate, following a standoff regarding AI usage regulations.
- In spite of earlier disputes, Mythos is now being employed by significant US security organizations like the NSA.
- A public iteration of the AI, referred to as Fable, encountered limitations imposed by the White House but has recently been reinstated.
AI in Government Code Evaluations
The Cybersecurity and Infrastructure Security Agency (CISA) has adopted Anthropic’s AI model, Mythos, as part of its auditing initiatives for government software. This effort is designed to uncover and address errors that could potentially expose sensitive data to cybercriminals or foreign powers. The move illustrates the increasing integration of AI tools within government operations, strengthening protective measures against cyber threats.
CISA’s Attack Surface Evaluation Team
The evaluations are performed by CISA’s Attack Surface Evaluation team. This division specializes in assessments of digital security and conducts hacking tests across governmental agencies to validate the strength of their cyber defenses. While specific data on the quantity of vulnerabilities found is not disclosed, the process has reportedly uncovered multiple potential security risks.
Anthropic’s Intricate Relationship with the US Government
Anthropic, which has submitted for a US initial public offering, has had a rocky relationship with the government, mainly due to its protective measures against the misuse of its AI technology. In February, tensions reached a peak when the Pentagon designated the company as a supply-chain risk, alleging it could facilitate espionage. Nonetheless, this designation was lifted in March following a judicial decision.
Mythos and the NSA
Even with the earlier blacklisting, the National Security Agency (NSA) has been employing Mythos since April. The agency has been experimenting with the AI in classified environments, reportedly impressed by its ability to uncover and exploit cybersecurity vulnerabilities. This highlights the AI model’s importance in national security operations.
Public Version Fable and White House Action
Anthropic unveiled a public version of Mythos dubbed Fable, which included cybersecurity protections. However, the White House stepped in, requesting limitations on foreign access to the model. This resulted in a temporary global suspension of Fable, which was rescinded last week, restoring its accessibility.
Conclusion
Anthropic’s AI technology Mythos is playing an essential role in fortifying US government software by identifying possible vulnerabilities. Despite early disagreements with the US government, the AI’s abilities have been acknowledged and utilized by crucial security agencies. The public version, Fable, has also undergone challenges but remains a vital resource in the cybersecurity domain.



















