Pentagon Reiterates Anthropic Blacklist, Eyes Mythos Cybersecurity Model
Pentagon CTO Emil Michael confirms Anthropic is still blacklisted but acknowledges agency interest in Mythos.
Why it matters: Legal and cybersecurity professionals are watching how shifting Pentagon and White House positions could reshape federal AI procurement policies, influence supplier risk management, and set new precedents for evaluating national security risks in AI sourcing.
- Anthropic remains excluded from Pentagon AI suppliers due to supply chain concerns, per CTO Emil Michael.
- Interest in Anthropic's Mythos cybersecurity model is prompting government-wide evaluation.
- NSA is reportedly using Mythos Preview for vulnerability scanning, despite Pentagon's stance.
- White House may issue new guidance to allow agency use of models like Mythos despite supplier risk.
Pentagon CTO Emil Michael confirmed in a recent statement that Anthropic remains blacklisted from Department of Defense contracts, citing ongoing supply chain risks, even as the agency closely evaluates the company’s advanced model, Mythos.
- The Pentagon has active AI agreements with seven major players—SpaceX, OpenAI, Google, NVIDIA, Reflection, Microsoft, and Amazon Web Services—but keeps Anthropic excluded. (Business Standard)
- The interest centers on Mythos, an AI model from Anthropic that can rapidly identify and exploit critical cybersecurity vulnerabilities—a double-edged sword leading to its restricted release. (Washington Post)
- Emil Michael acknowledged the government-wide nature of the issue: “...that model has capabilities that are particular to finding cyber vulnerabilities and patching them.”
Despite the Pentagon's official stance, the National Security Agency (NSA) is reportedly deploying the Mythos Preview model to scan for exploitable vulnerabilities—a sign of high internal demand for the tool. (TechCrunch)
Meanwhile, the White House is developing guidance that could let agencies bypass Anthropic's risk designation and acquire models like Mythos when justified by mission needs. (Axios)
For legal teams advising on government procurement or tracking compliance, this evolving scenario highlights the intersection of supply chain risk, cybersecurity, and emergent regulatory frameworks for AI.
By the numbers:
- 7 — Number of AI companies with Pentagon agreements (excluding Anthropic)
- 1 — Number of government agencies (NSA) reportedly using Mythos Preview despite blacklist
Yes, but: Specifics on the NSA's implementation of Mythos and details of the supply chain concerns remain undisclosed.
What's next: Potential White House policy could permit agencies to override Anthropic’s supply chain risk status for select AI acquisitions.