CISA uses Anthropic AI to scan federal code for flaws
Wed, 8th Jul 2026 (Today)
The US Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic's Mythos artificial intelligence model to scan federal government software for security vulnerabilities. Reuters reported that the deployment is part of a pilot programme within the agency's Attack Surface Evaluation team.
The team is using Mythos to audit source code in government systems, searching for flaws that cybercriminals or nation-state actors could exploit across a range of applications.
People familiar with the initiative told Reuters that Mythos has already identified multiple vulnerabilities during testing. They did not disclose the number or severity of the issues, or which agencies and software stacks were covered.
The move places Anthropic, which has faced separate scrutiny as a potential supply-chain risk in the US public sector, at the centre of a sensitive security workflow. It also highlights how quickly generative AI is moving from experimental use cases into high-stakes operational environments inside government.
Some specialists say the choice of tool raises transparency questions. Others focus on the broader effect AI-driven analysis could have on long-standing security backlogs in federal IT.
"The federal government can't seem to decide what it thinks about AI in general, or Mythos in particular. One week Anthropic is a supply-chain risk; the next, CISA is handing Mythos the keys to scan federal code for vulnerabilities. That inconsistency would be bad enough on its own, but because it's not clear what Mythos is actually scanning, it's much worse. Is this government-written code, or software built by third-party contractors and vendors? In-house bugs are one problem. Vendor bugs running across federal systems are a supply-chain problem, and the public has a right to know which one this is," said Bronwen Aker, AI Research & Strategy Analyst, Black Hills Information Security.
Security researchers note that large government environments contain extensive legacy code. Much of it has not undergone modern, systematic security review because of the scale and age of the codebases involved.
Jacob Krell, Senior Director: Secure AI Solutions & Cybersecurity, Suzu Labs, said the pilot addresses only part of the AI risk equation in software development.
"Using AI to scan for vulnerabilities in legacy code while AI generates vulnerable new code on the other end only solves half the problem. CISA pointing Mythos at government codebases is a smart move. I've seen federal systems running code that hasn't had a serious security review in a decade, and a model like Mythos can cover that volume in hours instead of months.
"The blind spot is the generation side. Every federal agency and contractor also has developers writing code with AI assistants, and those tools produce insecure output more often than secure output. Authorization flaws, hardcoded credentials, and missing input validation all ship by default because the models optimise for 'does it run' and skip 'is it safe.'
"Combine both facts and you get a treadmill. Mythos finds legacy bugs, teams patch them, and AI coding tools introduce fresh vulnerabilities into the same repos at machine speed. The backlog doesn't shrink. It gets younger.
"Power grids and water systems are privately run but sit squarely in nation-state crosshairs. CISA can't harden federal code and call it done. If the agency has a scanning tool this capable, the operators running critical infrastructure need access to it too, because those are the systems that actually keep the lights on.
"I'd want CISA to pair this initiative with secure-generation standards for AI coding tools in federal development and extend scanning access to critical infrastructure operators. We are draining the pool while the hose is still running," said Jacob Krell, Senior Director: Secure AI Solutions & Cybersecurity, Suzu Labs.
Others see AI-based code scanning as an extension of long-standing secure development practices, but with new trade-offs around complexity and noise.
"Software code review and analysis is nothing new. Realistically, most issues found are not exploitable unless very specific conditions are met; for example, the vulnerable function must actually be invoked and exposed to an attacker. I believe AI vulnerability scanning will likely find many new and novel issues that were simply too complex for legacy tools to identify. But added complexity can also limit exploitability. AI scanning will likely produce a lot of unactionable output very quickly, and experts will need to review it to identify the real risks," said Chris Traynor, Penetration Tester at BHIS and Instructor at Antisyphon.