Anthropic's Cybersecurity Model Mythos Nearing Full Rollout; Pricing at ~6x Opus Sparks Controversy

Miles Bennett
Published 2026-06-02About 12 min read

Anthropic plans to open its cybersecurity-focused AI model Mythos to all customers within weeks; priced at roughly 6× its top public model Opus per token, early testers burned through over a million dollars in weeks, forcing CFOs into a new budget conversation around AI-driven security.

01

What is Mythos, and why was it kept under wraps?

Mythos is an AI model Anthropic built specifically for cybersecurity — finding system vulnerabilities and simulating attack paths.
Anthropic previously restricted access to a handful of companies, fearing the model could be reverse-used to launch cyberattacks.
A UK AI testing body found Mythos significantly outperformed OpenAI's comparable model, GPT-5.5-cyber, on complex security tasks.
This means → Anthropic has had a capability lead in this niche but deliberately throttled distribution — until now.
02

How strong is it? 24 vulnerabilities in three weeks — at a cost of over $1 million

Palo Alto Networks, one of the earliest testers, reported Mythos found over 24 critical vulnerabilities in roughly three weeks — about 5× what its existing tools typically catch.
The bill was equally striking: the company burned through over $1 million in token credits "very quickly" — currently subsidized by Anthropic, not paid out of pocket.
Another tester said costs could reach several million dollars after just a few weeks of use.
In plain terms = the model finds five times more holes than legacy tools, but it also burns cash at an order of magnitude higher.
03

At that price, why would anyone pay?

Zscaler, a cloud-security firm, acknowledged Mythos is "an order of magnitude" more expensive than traditional code-scanning tools — yet called it "worth the investment."
The math behind that: the FBI puts U.S. losses from cyberattacks at nearly $21 billion last year, up sharply from $16.6 billion the year before.
This means → a single major breach can cost far more than a Mythos subscription; companies are weighing "defense cost vs. attack cost."
04

The CFO is at the table now — how did budgets get approved?

IT services firm Veeam hasn't even received Mythos access yet, but has already begun raising its security budget; CISO Gil Vega said this triggered "difficult conversations" with the CFO.
The case that won approval: Veeam earns over $1 billion in annual revenue and serves many federal-government clients — "losing client trust would be an existential threat."
Principal Financial Group, which manages nearly $800 billion in assets, said the Mythos buzz "is pushing every organization to re-examine its security posture."
This reflects an industry-level shift: security budgets used to stay inside IT; now the CFO is being pulled directly into the decision.
05

How are early users cutting costs? Two tactics emerging

Prompt optimization: UiPath's security team trimmed the model's "warm-up" token consumption from roughly 150,000 tokens down to 3,000 — a 98% reduction — by refining task instructions.
Tiered-model strategy: Palo Alto Networks uses Mythos only to draft the "attack plan," then hands execution to the cheaper Opus 4.7 model, cutting overall spend.
In plain terms = reserve the most expensive model for the "thinking" step, delegate the "legwork" to a cheaper one — hire a top consultant for the strategy, then let a junior team run it.
06

Anthropic's commercial ambitions and the competitive landscape

The broad Mythos rollout is Anthropic's key move into the enterprise cybersecurity market; the company's revenue growth in coding and workplace AI tools has already outpaced OpenAI.
Anthropic itself acknowledges Mythos is extremely costly to run; the impact of its premium pricing on gross margins remains unclear.
OpenAI is advancing its own cybersecurity model, GPT-5.5-cyber, under a similarly restricted early-access program.
This means → cybersecurity AI is becoming the next high-value battleground for frontier-model companies, but no one has yet proven it can be a profitable business.

Content is for reference only, not financial advice.