Cloudflare Tests AI for Code Security

Cloudflare used Anthropic's new security AI to scan its own code, testing the model's ability to find vulnerabilities and mimic attacker methods.

Cloudflare has been actively testing a new generation of security-focused large language models (LLMs) on its own infrastructure. As part of an initiative called Project Glasswing, the company was invited to use Mythos Preview, a specialized AI model from Anthropic. Cloudflare’s team directed the model to analyze more than fifty of its internal software repositories. The experiment had a dual purpose: to proactively identify potential vulnerabilities within their own systems that could be fixed, and to better understand the capabilities that advanced AI gives to potential attackers. This provides a real-world look at the future of AI-driven security analysis.

This test is significant because it showcases a major infrastructure company using a frontier AI model for internal security auditing. For CTOs, developers, and security teams, it signals a shift towards leveraging AI for proactive defense rather than just reactive measures. The ability of models like Mythos to scan vast codebases for subtle flaws represents a powerful new tool for security professionals. At the same time, it serves as a crucial warning about the evolving threat landscape. As these tools become more accessible, organizations must prepare for attackers who will undoubtedly use them to find and exploit vulnerabilities at an unprecedented scale and speed.