"Allowing members to see firsthand how advanced AI can identify and reason through software vulnerabilities," a committee aide who attended the briefing said, "what we saw reinforced the urgency of ensuring that federal agencies, including our civilian cyber defenders, can responsibly access and deploy the most advanced U.S. models to find and patch vulnerabilities before foreign adversaries or criminal actors exploit them."
Anthropic’s closed-door demonstration of Mythos
On Wednesday, Anthropic presented a closed briefing to the House Homeland Security Committee that included a live demonstration of Mythos, the company's AI model the company markets for autonomously uncovering cyber vulnerabilities. Sources who attended described a hands-on session where members could watch the model identify and reason through software flaws. The Hill reported the Anthropic team leading the meeting included Logan Graham from the company's frontier red team and Josh Tilstra from its national security programs and policy team.
Lawmakers split on access and oversight: Thompson, Ogles, Ramirez
Not all committee members were present. Top committee Democrat Bennie Thompson of Mississippi and GOP cyber subcommittee chair Andy Ogles of Tennessee told CyberScoop they were unable to attend the briefing. Ogles told CyberScoop he plans to hold a hearing of his subcommittee related to Mythos but missed Wednesday's session because of scheduling conflicts. The top Democrat on Ogles's subcommittee, Delia Ramirez of Illinois, also did not attend due to prior commitments and was set to receive a staff briefing afterward, her office said. Meanwhile, committee Democrats have requested a classified briefing with Anthropic.
Federal use: CISA reportedly not; NSA reportedly is; DoD blacklist
The briefing unfolded against an uneven federal posture toward Anthropic. Reporting shows the Cybersecurity and Infrastructure Security Agency (CISA) reportedly is not using Mythos, while the National Security Agency reportedly is. That split follows a Department of Defense action that labeled Anthropic a "supply chain risk" after the company resisted Pentagon pressure to use its Claude model in ways the company opposed. The department nonetheless says it has been using Mythos to identify cyber vulnerabilities despite the blacklist.
How technologists, policymakers, and national security agencies are responding
- Technologists and security teams: The committee aide's account of a live demo suggests security teams will press to understand technical controls, oversight, and access mechanisms that allow Mythos to run against software without producing risky operational spillover. Attendees reported a focus on preserving the U.S. advantage on compute power.
- Policymakers and committee staff: Several members, staff, and committee Democrats are pursuing additional briefings—classified where requested—and scheduled hearings. GOP subcommittee chair Andy Ogles has announced plans for a dedicated hearing on Mythos.
- National security and civilian agencies: Agencies are weighing competing priorities—national security needs for early access (echoed by Rep. Jim Himes saying it would be "insane" for U.S. spy agencies not to have early access to advanced AI models) against supply chain risk designations and interagency differences over procurement and operational use.
Context from other recent developments and the brief's framing
The Anthropic briefing followed a separate recent closed session for the committee that included both Anthropic and OpenAI. It also came one day after OpenAI announced its own cybersecurity initiative, and amid reporting of a turf battle within the administration over AI model testing. A committee aide framed the broader concern plainly: "as the PRC aggressively works to close the AI innovation gap with the United States, the committee remains focused on ensuring that America's AI leadership translates into a durable national security advantage, not a temporary lead that adversaries can copy, steal, or rapidly commoditize."
Members who attended described the meeting as productive, with bipartisan focus on preserving the U.S. competitive edge—often distilled in questions about compute power and access. Others who could not attend are pursuing briefings and oversight, and Ogles has signaled a formal hearing is forthcoming.
The immediate, concrete next steps are now a matter of record: committee Democrats have requested a classified briefing with Anthropic, and the cyber subcommittee chair plans a public hearing. Beyond those items, the record left on Wednesday centers on three unresolved operational tensions visible in the room—how to give agencies the tools they say they need, how to manage supply chain and procurement risk labels, and how to reconcile competing agency decisions about whether to adopt Mythos in practice.
