“We scanned 1.8 billion lines of code in eight weeks,” Cisco’s SVP Anthony Grieco wrote — a scale he said would have taken the company’s advanced security team eight years. The headline number is striking; the follow-up questions are immediate and, so far, unanswered.
Cisco’s claim: 1.8 billion lines of code across the portfolio
In a Tuesday blog post, Anthony Grieco, who heads Cisco’s security and trust organization, said advanced frontier AI systems — including Anthropic’s Claude Mythos Preview and OpenAI’s GPT 5.5‑Cyber — were used to scan “1.8 billion lines of code in eight weeks” for vulnerabilities in Cisco products. Grieco said that the scanned code spanned Cisco’s portfolio and was written in more than 25 different programming languages.
Grieco framed the achievement as a blunt efficiency gain: what would have taken human teams eight years was compressed into two months by pairing frontier models with automation and human review. Cisco did not, however, disclose how many vulnerabilities those scans found or whether identified flaws have been remediated, and the company did not respond to The Register’s follow-up questions about those points.
Grieco’s framing: “speed is only half the story”
Grieco cautioned that raw speed is not the full measure of success. “Speed is only half the story,” he wrote, calling the “real breakthrough” the “scale, quality, and impact” of findings generated by the models. He used a visual metaphor to describe the change in approach: “Rather than focusing on a specific scope for a security evaluation, we can assess entire code bases of a product. It’s like switching from a flashlight to a flood light to illuminate a dark room.”
Grieco said each finding was validated through a hybrid of AI and human expertise so that engineering teams receive “actionable intelligence rather than a wall of warnings.” The blog therefore positions the use of frontier models as a tool for triage and prioritization, not as a fully automated replacement for human security engineering.
Netzilla’s harness and the under‑3% false positive claim
Grieco’s post credited a “human‑guided harness” built by a vendor named Netzilla for pairing the frontier models with human reviewers. According to Grieco, that hybrid workflow achieved a false positive rate of under 3 percent.
The specific role attributed to Netzilla — orchestrating the models and human validation — is central to the claim that results were actionable. Grieco’s language suggests a pipeline in which AI surfaces candidate issues and humans confirm and contextualize them before handing them to product engineering teams.
Anthropic’s Project Glasswing expansion and partner list
Anthropic said on Tuesday it was expanding Project Glasswing by about 150 additional organizations, bringing the total partner count to about 200. Project Glasswing is Anthropic’s controlled partner program for giving selected organizations access to Claude Mythos Preview; Anthropic previously limited the preview to about 50 entities when it announced the model and partner program in early April.
Anthropic said the newly expanded cohort spans more than 15 countries and covers industries that were under‑represented in the initial cohort, “such as power, water, healthcare, communications, and hardware.” Anthropic declined to name many of the new partners but the Register report and Anthropic’s blog identified specific additions in South Korea — the Korea Internet and Security Agency (KISA), Samsung Electronics, SK hynix, and SK Telecom — and said Rubrik, a data security and management vendor, was among the new partners. Anthropic requires each new partner to meet its security requirements before gaining access to Mythos.
How Palo Alto Networks, Rubrik, and Cisco engineering teams are responding
- Palo Alto Networks: After a month of scanning more than 130 products across three platforms with frontier models (including Mythos), Palo Alto Networks reported uncovering 26 CVEs representing 75 underlying security issues. The company contrasted that output with its typical disclosure rate of “fewer than five CVEs per month.” A Palo Alto exec also forecast a “narrow three‑to‑five‑month window” for organizations to outpace adversaries before “AI‑driven exploits start to become the new norm.”
- Rubrik and other new Glasswing partners: Rubrik confirmed it is among the expanded Glasswing partners. Anthropic said the new partners include vendors that “maintain codebases that are relied upon by lots of other organizations around the world, including governments,” implying a focus on supply‑chain impact and shared dependencies.
- Cisco engineering teams: According to Grieco, validated findings from the hybrid pipeline are being routed to Cisco engineering so teams can receive “actionable intelligence.” What is still unknown — and material to how those teams prioritize work — is the number, severity, and remediation status of the vulnerabilities surfaced by the scans.
There are clear, concrete gains claimed: scale, faster discovery, and a low false positive rate when AI is paired with human review. There are also key questions left on the table by the public record in this report — most notably how many flaws the models actually uncovered, how many have been fixed, and how partners and vendors will govern access to models that can both find and exploit vulnerabilities. Anthropic has expanded access through Project Glasswing; Cisco says it is applying a hybrid verification pipeline; Palo Alto Networks has shared a tangible CVE yield — but the broader balance between discovery, disclosure, and defensive remediation remains to be shown in numbers and timelines.




