India gains access to Anthropic's Claude Mythos AI model for code vulnerability scanning. The expansion covers critical infrastructure and financial services. Deployment capacity and remediation speed will determine whether the tool reduces risk or creates a false sense of security.
India has obtained access to Claude Mythos Preview, Anthropic's specialized AI model designed to detect and fix security vulnerabilities in code. The expansion, part of Anthropic's Project Glasswing, extends access to about 150 new organizations across more than 15 countries, with India now included among them.
An Anthropic spokesperson confirmed the expansion includes Indian organizations but declined to name specific entities or the full country list. The access is tightly controlled, limited to public and private organizations that defend critical infrastructure or operate systems in sectors such as power, water, healthcare, communications, financial services, and national security.
Claude Mythos is not a general-purpose large language model. It is a specialized model trained to scan codebases and identify security vulnerabilities. This distinction matters for Indian organizations running legacy public infrastructure platforms, where manual code review is slow and error-prone.
Anthropic's launch partners – including Amazon Web Services, Apple, Cisco, CrowdStrike, Google, and NVIDIA – have already deployed the model and found more than 10,000 high- or critical-severity security flaws in their codebases since April. The scale of those findings suggests the model can surface vulnerabilities that conventional scanning tools miss.
India's public technology platforms, such as those operated by the Central Board of Secondary Education (CBSE), have been flagged by ethical hackers and cybersecurity researchers for security gaps. Legacy codebases, often written in older languages and maintained by small teams, accumulate vulnerabilities over time. Claude Mythos offers a path to audit those systems at machine speed.
Anthropic is not making Claude Mythos publicly available. Access requires meeting security requirements set by Anthropic, and the company retains control over the deployment. The model is available to:
Financial services firms in India are a named focus. The Finance ministry flagged risks posed by the model when Mythos first launched in April and urged financial institutions to strengthen defenses. The Reserve Bank of India has been analyzing Claude Mythos in coordination with global regulators.
New organizations gaining access globally include Okta, Samsung, SK Hynix, SK Telecom, Intercontinental Exchange (owner of the New York Stock Exchange), and payments platform Swift. The list shows Anthropic is prioritizing entities with systemic importance.
Anthropic estimates that for most partners, a major attack could affect more than 100 million people, with ramifications for global and national security. The timeline for Indian organizations to deploy the model and remediate findings is uncertain.
Paramdeep Singh, Co-Founder of Shorthills AI, cautioned that even if powerful models find vulnerabilities, fixing them takes considerable time. "Given the current education levels and overall AI readiness in India, there is a real chance that even if such powerful models were used to find security vulnerabilities, it would take considerable time to fix them," he said. Access and governance of the model are key, he added.
Financial services firms in India are directly exposed. The Finance ministry and RBI have already flagged the model's risks, suggesting regulators view Claude Mythos as both a defensive tool and a potential vector. Banks and payment processors that gain access will need to balance faster vulnerability detection against the operational burden of remediation.
Cybersecurity firms in India face a competitive shift. If Claude Mythos becomes the standard for code auditing, traditional vulnerability scanning tools may lose relevance. Firms that integrate with Anthropic's model could gain an edge; those that do not may see their services commoditized.
Anthropic filed for an initial public offering one day before the expansion announcement, with reports suggesting a valuation above $1 trillion. The timing matters: the IPO filing signals that Anthropic expects its enterprise and government business to be a core revenue driver. India's inclusion in the Mythos rollout strengthens that narrative.
The simple read is that India gains a powerful cybersecurity tool. The better read is that Anthropic is building a moat around its enterprise product by locking in government and critical-infrastructure clients before competitors – including OpenAI and Google DeepMind – deploy equivalent models. Access to Claude Mythos is not a gift; it is a strategic lock-in. Organizations that integrate the model into their code review pipelines will face switching costs if they later want to move to a competing platform.
Sanchit Vir Gogia, Chief Analyst at Greyhound Research, framed the decision in geopolitical terms: "Anthropic's decision matters because it confirms that India is now considered too important to leave outside the frontier cyber perimeter." Whether India turns "access into capability, capability into resilience, and resilience into leverage" depends on the institutions with access, he added.
Confirmation signals:
Weakening signals:
The expansion of Claude Mythos to India is a risk event with asymmetric outcomes. The upside is faster vulnerability detection for legacy systems. The downside is that access without remediation capacity creates a false sense of security. The next six months will show whether Indian institutions can close the gap between finding flaws and fixing them.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.