Anthropic announced this week that it is limiting the release of its newest model, Mythos, citing its exceptional capability in discovering security exploits within software widely used globally. Instead of a public release, Mythos will be shared with select large companies and organizations operating critical online infrastructure, including Amazon Web Services and JPMorgan Chase.
OpenAI is reportedly contemplating a similar strategy for its upcoming cybersecurity tool. The apparent goal is to equip these major enterprises to preempt malicious actors who could leverage advanced LLMs to compromise secure software systems.
However, this release strategy might encompass more than just cybersecurity or merely hyping model capabilities. Dan Lahav, CEO of AI cybersecurity lab Irregular, previously noted that while AI tools' ability to discover vulnerabilities is significant, the actual value of a weakness to an attacker hinges on numerous factors, including how vulnerabilities can be combined. Lahav's primary concern is whether the discovered vulnerabilities are "exploitable in a very meaningful way," either individually or as part of a larger exploit chain.
Anthropic states Mythos surpasses its predecessor, Opus, in exploit capabilities. Yet, it's not universally accepted that Mythos represents the ultimate cybersecurity model. AI cybersecurity startup Aisle claims it has replicated much of Mythos's reported achievements using smaller, open-weight models. Aisle's team suggests these findings indicate that cybersecurity doesn't rely on a singular deep learning model but rather on the specific task at hand.
Given Opus was already considered a cybersecurity "game changer," another potential motivation for frontier labs to restrict releases to large organizations emerges: it establishes a powerful flywheel for securing substantial enterprise contracts. Simultaneously, it complicates efforts for competitors to copy their models using distillation, a technique that leverages advanced frontier models to cost-effectively train new LLMs.
David Crawshaw, a software engineer and CEO of exe.dev, posited on social media that this strategy serves as "marketing cover" for the reality that top-tier models are now gated by enterprise agreements, rendering them unavailable for distillation by smaller labs. He predicts that by the time Mythos becomes publicly accessible, an even newer, enterprise-exclusive top-end revision will emerge, effectively maintaining enterprise revenue flow and relegating distillation companies to a secondary role.
This analysis aligns with observed trends in the AI ecosystem: a dual race between frontier labs developing the largest and most capable models, and companies like Aisle that leverage multiple models and view open-source LLMs (often originating from China and frequently alleged to be developed via distillation) as a viable path to economic advantage.