Anthropic Faces Pentagon Blacklist While NSA Deploys Its AI for Cybersecurity

trusted with offensive cyber operations yet excluded from defense contracts
Anthropic's paradoxical position within U.S. national security agencies reveals deeper policy misalignment.

In the layered architecture of American national security, Anthropic occupies a paradoxical position: officially barred by the Pentagon yet quietly trusted by the NSA with some of the nation's most sensitive cyber operations. The contradiction, surfacing in mid-2026, reveals not a single government policy toward artificial intelligence but a fractured one — different agencies drawing different conclusions from the same evidence. It is a reminder that institutions, like individuals, do not always know what the other hand is doing, and that the governance of transformative technology rarely moves in a straight line.

  • The Pentagon has blacklisted Anthropic entirely, yet the NSA is actively deploying its Mythos AI system for both defensive and offensive cyber operations — a contradiction that cuts to the heart of how the U.S. government manages AI vendor trust.
  • Project Glasswing is quietly expanding Anthropic's presence across multiple national security agencies, bringing in partners like Qualys and signaling that this is a deliberate, growing commitment rather than a cautious pilot.
  • The Financial Times confirmed that Mythos is being used for cyber attack capabilities — not merely defense — meaning the NSA has extended its highest level of operational trust to a company the Pentagon will not do business with.
  • Cost may be part of the Pentagon's calculus, as Mythos has been flagged as a significant budget concern, adding a financial dimension to what might otherwise appear to be a purely security-driven exclusion.
  • The misalignment between defense and intelligence agencies suggests that U.S. AI procurement policy has not been reconciled across institutions, leaving Anthropic in the unusual market position of being simultaneously embedded and excluded within the same government.

Anthropic finds itself in a position that would be difficult to invent: officially blacklisted by the Pentagon while powering some of the NSA's most sensitive cybersecurity work. The contradiction sits at the center of a larger, unresolved question about how the United States government actually manages its relationships with artificial intelligence companies.

The NSA has deployed Anthropic's Mythos system for both defensive and offensive cyber operations — a level of trust that implies deep confidence in the technology and the organization behind it. This is not peripheral work. Offensive cyber capabilities touch the nation's most critical infrastructure and intelligence functions, making the NSA's choice a significant endorsement.

Running parallel to this is Project Glasswing, a cybersecurity initiative actively expanding Anthropic's footprint across national security agencies. With partners like Qualys integrated into the effort, Glasswing represents a deliberate institutional commitment, not an experiment. It is growing even as the Pentagon holds its official line against the company.

What the Pentagon's objections are rooted in remains partly opaque, though cost has been cited as one factor — Mythos has been described as a budget-intensive system. Whether the blacklist also reflects concerns about Anthropic's independence or security posture, the Defense Department and the intelligence community appear to be operating from different assessments of the same vendor.

For Anthropic, the result is a strange market reality: excluded from Pentagon contracts yet deeply embedded in NSA operations. The situation is less a scandal than a symptom — evidence that the U.S. government does not speak with one voice on technology policy, and that the governance of frontier AI is still catching up to the speed at which the technology is being adopted.

Anthropic finds itself in an unusual position within the American security apparatus: officially barred from doing business with the Pentagon while simultaneously powering some of the National Security Agency's most sensitive cybersecurity operations. The contradiction sits at the center of a larger question about how the U.S. government manages relationships with artificial intelligence companies, and whether different agencies are actually talking to each other.

The Pentagon's blacklist of Anthropic appears to stem from concerns about the company's independence and security posture. Yet at the same time, the NSA has chosen to deploy Anthropic's Mythos system—described as a security powerhouse—for both defensive and offensive cyber operations. This is not a minor use case. The NSA's adoption of the technology suggests confidence in its capabilities for work that touches the nation's most critical infrastructure and intelligence operations.

Project Glasswing, a cybersecurity initiative designed to advance the government's use of frontier AI systems, is actively expanding Anthropic's footprint across multiple national security agencies. The project has brought in partners like Qualys, a major cybersecurity firm, to help integrate Anthropic's technology into broader defensive frameworks. This expansion is happening even as the Pentagon maintains its official stance against the company.

The Financial Times reported that the NSA is using Mythos specifically for cyber attack capabilities, not merely defensive measures. This detail matters because it indicates the agency trusts the system with offensive operations—work that requires the highest levels of confidence in both the technology and the organization behind it. Yet the Pentagon's blacklist suggests a different assessment of that same organization's trustworthiness.

What emerges is a portrait of policy misalignment within the U.S. government's national security establishment. The Defense Department and the intelligence community appear to be operating from different threat models, different assessments of Anthropic's reliability, or possibly different procurement rules that have not been reconciled. The Information reported that Mythos is a budget concern—a security powerhouse that comes with significant costs—which may factor into the Pentagon's reluctance to work with the company.

Project Glasswing's expansion suggests that at least some corners of the national security apparatus believe the benefits of Anthropic's technology outweigh whatever concerns prompted the Pentagon's blacklist. The involvement of Qualys and the stated goal of advancing cybersecurity in the age of frontier AI indicate this is not a small pilot program but a deliberate, growing commitment.

For Anthropic, the situation is paradoxical. The company is simultaneously trusted with some of the government's most sensitive cyber operations and excluded from others. This creates an odd market position: the company cannot bid on Pentagon contracts, yet it is deeply embedded in NSA operations. It's a reminder that the U.S. government does not speak with one voice on technology policy, and that different agencies can reach entirely different conclusions about the same vendor.

The NSA is using Anthropic's Mythos specifically for cyber attack capabilities
— Financial Times reporting
The Hearth Conversation Another angle on the story
Inventor

How does a company end up blacklisted by one agency while the other is actively using it for offensive cyber operations?

Model

It usually means the agencies have different risk assessments or different procurement authorities. The Pentagon may have security concerns that the NSA either doesn't share or has decided to manage differently.

Inventor

What does it tell us that the NSA is comfortable using Mythos for attacks, not just defense?

Model

It suggests real confidence in the system's reliability and security. You don't hand offensive capabilities to technology you're uncertain about. The NSA wouldn't take that risk lightly.

Inventor

Is Project Glasswing an end-run around the Pentagon's blacklist?

Model

Not exactly. Glasswing is an intelligence community initiative, so it operates in a different space than Pentagon procurement. But it does mean Anthropic's technology is spreading through the government despite the blacklist.

Inventor

Why would cost be a factor in the Pentagon's decision?

Model

If Mythos is expensive and the Pentagon has budget constraints, they might decide the cost-benefit doesn't work for them, even if the technology is sound. That's a different kind of rejection than a security one.

Inventor

What happens if the Pentagon and NSA eventually have to coordinate on something that uses Anthropic's system?

Model

That's the real problem. Right now they can operate separately, but if a major cyber incident requires both agencies to work together, the contradiction becomes untenable. Someone will have to give.

Contact Us FAQ