With Glasswing, Anthropic is outlining an initiative likely to redefine the balance of cybersecurity on a global scale.
The project brings together a coalition of some of the most structuring players in the digital economy – Amazon Web Services, Google, Microsoft, NVIDIA, Apple, as well as Cisco, CrowdStrike and Palo Alto Networks – around a common objective: securing the most critical software using an artificial intelligence model capable of identifying, but also exploiting, vulnerabilities on an unprecedented scale and with efficiency.
At first glance, the initiative is a continuation of industrial cooperation in cybersecurity, but in reality it reveals a more profound change. Because with models like Mythos, cybersecurity ceases to be a field based on human expertise and becomes an infrastructure function, dependent on computing power, access to models and the ability to operate at scale.
Cybersecurity in the process of concentration
The Glasswing project redraws the contours of a system in which the ability to detect vulnerabilities relies on a limited number of actors capable of operating on an industrial scale.
This development comes at a time when artificial intelligence models are crossing a critical threshold. Vulnerability discovery is no longer limited by individual expertise, but by the ability to mobilize systems capable of analyzing massive volumes of code and interactions. In this context, the advantage no longer goes to the one who best masters the techniques, but to the one who controls the tools.
Cybersecurity, historically distributed between researchers, companies and public institutions, tends to be concentrated around platforms capable of industrializing these processes. This trend is all the more structuring as it redefines the balances of the sector.
Europe currently excluded from the system
It is in this context that the absence of European players within Glasswing takes on its full meaning. Even though the initiative brings together the main operators of the global digital infrastructure, no major European player is associated with the system. This absence reveals the concentration of power shared by players capable of combining, within the same ecosystem, advanced models, cloud infrastructures and operational capabilities.
The gap is primarily technological. At this stage, Europe does not have so-called “frontier” models equivalent to those used in Glasswing for such sensitive uses, in particular when it comes to automating the detection and exploitation of vulnerabilities on a large scale.
But the differential is not limited to technology: it is also industrial. Where American players operate in an integrated manner, linking together cloud, models, cybersecurity and infrastructure, the European ecosystem remains fragmented. This dispersion complicates the emergence of coalitions capable of responding to systemic issues with the same speed.
Added to this is an institutional asymmetry. Europe has structured a normative response to the rise of artificial intelligence, by establishing itself as a regulatory center. However, Glasswing does not fall under this logic and is part of a dynamic of operational standardization, where the rules emerge from usage and coordination between dominant players.
In a model where cybersecurity is based on access to advanced capabilities, not participating in their development amounts to depending on those who operate them. This dependence does not only concern the tools, but also the knowledge of the vulnerabilities themselves, and this knowledge constitutes a strategic resource.
Can we still talk about digital sovereignty when the ability to secure infrastructure depends on external systems?
A new layer of power
Beyond the European case, Glasswing reveals that cybersecurity is no longer just a technical issue, but a central dimension of technological power.
After mastering data, platforms and the cloud, we now add that of mapping the vulnerabilities of the global digital system. This capacity is decisive for the resilience of infrastructures and the stability of digital environments.
