• April: Mythos steals the spotlight
• April 16: Opus 4.7 steps into the gap
• A controlled bridge to the frontier
• April 30: Claude Security goes enterprise
• Competing visions of “responsible” power
  • The safety‑first narrative
  • The controlled‑access narrative
  • The enterprise‑grade narrative
• Where this is heading

Anthropic Releases New Opus 4.7 AI Model and Security Tool Human Human coverage portrays Opus 4.7 as Anthropic’s most capable generally available model and the engine behind a newly deployed enterprise tool, Claude Security, that scans codebases for vulnerabilities and proposes fixes. It emphasizes the deliberate separation from the more powerful, privately held Mythos Preview model and frames the rollout as part of a cautious, data-driven strategy to inform future releases of high-risk cybersecurity systems. @Verge Anthropic is trying to have it both ways: racing out a powerful new general-purpose AI model for paying customers while keeping its most potent cyber weapon locked in the lab. The tension between openness and control is now the central plotline of the company’s latest releases.

§April: Mythos steals the spotlight

Earlier in April, Anthropic quietly set the stage for a two-track AI future when it announced Claude Mythos Preview, a cybersecurity‑focused model it has described as its most powerful system overall.¹ Mythos is designed to identify and exploit vulnerabilities across operating systems and web browsers, essentially acting as a red‑team AI for the digital world.²

But unlike a typical model launch, Mythos never really “launched” in the public sense. Anthropic made clear that Mythos Preview would be kept on a short leash. It’s only being made available privately to select partners — including Nvidia, JPMorgan Chase, Google, Apple, and Microsoft — as the company experiments with how to contain and govern models that are explicitly good at hacking.¹

Anthropic framed Mythos as a glimpse of what’s possible at the frontier — and as something the rest of us aren’t ready to touch yet.

§April 16: Opus 4.7 steps into the gap

On April 16, Anthropic released Claude Opus 4.7, the company’s new flagship for everyday customers and, tellingly, its “most powerful ‘generally available’ model to date.”¹ Opus 4.7 is pitched as a direct upgrade over Opus 4.6, with Anthropic calling it “a step up … for advanced software engineering tasks, particularly in complex coding areas that in the past required more hand‑holding.”¹

The company says Opus 4.7 brings:

• Better performance on complex coding and advanced software engineering tasks.
• Stronger image analysis capabilities.
• Improved instruction-following for more precise outputs.
• More apparent “creativity” when generating slides and documents.¹

This is the model Anthropic wants most customers to actually use. But in a move that undercuts the usual hype cycle, Anthropic is explicit that Opus 4.7 is not the cutting edge of what it can do.

In its own system card, the company writes that Opus 4.7 “doesn’t even advance the company’s ‘capability frontier,’ since Claude Mythos Preview received higher results ‘on every relevant evaluation.’”¹ In other words: Anthropic has something better; this isn’t it.

The deliberate step‑down is by design. Anthropic says it “would keep Claude Mythos Preview’s release limited and test new cyber safeguards on less capable models first,” and that “Opus 4.7 is the first such model.”¹ During training, the company even “experimented with efforts to differentially reduce” the model’s cyber capabilities, dialing back its hacking potential relative to Mythos.¹

In practice, Opus 4.7 is both a product and a testbed: a widely deployed model that bakes in extra cybersecurity safeguards compared to its predecessor while Anthropic watches how it behaves in the wild.¹

§A controlled bridge to the frontier

The rollout strategy makes clear Anthropic’s layered view of risk.

• Mythos Preview is the true frontier model — powerful, security‑sensitive, and kept behind closed doors, shared only with a handful of large, technically sophisticated partners as the company figures out how to prevent misuse.¹
• Opus 4.7 is the public-facing, downgraded sibling — good enough to impress most users, but intentionally limited in its offensive cyber capabilities and insulated with new safeguards.¹

Anthropic says the whole point is to learn from Opus 4.7 before letting anything Mythos‑class anywhere near general availability: findings from the deployment of Opus 4.7’s safeguards “will help us work towards our eventual goal of a broad release of Mythos‑class models.”¹

For security professionals who actually want to push on the edges, Anthropic is dangling a side door: its new Cyber Verification Program. The company says researchers and defenders interested in using the model for tasks like vulnerability research can apply, with the implication that some of the guardrails on Opus 4.7 might be relaxed for vetted participants.¹

Early testers for Opus 4.7 include enterprise customers like Intuit, Harvey, and Replit — exactly the sort of software‑heavy organizations that stand to benefit from more capable AI coding partners while also understanding the risk of giving such tools too much freedom.¹

§April 30: Claude Security goes enterprise

Two weeks after the Opus 4.7 model landed, Anthropic began turning that capability into a concrete security product. On April 30, it rolled out Claude Security, a codebase‑scanning tool for businesses.

Claude Security “uses the Opus 4.7 model to scan a business’s codebase for vulnerabilities and issue a fix.”² It’s being deployed globally to enterprise customers, plugging Opus 4.7 directly into the software development and security lifecycle.²

Where Mythos is the dangerous lab prototype and Opus 4.7 is the constrained general model, Claude Security is the product layer: a managed, tightly scoped application designed to hunt bugs and propose patches before attackers — human or AI — do the same.

Anthropic and its coverage have been careful to stress that Claude Security “isn’t to be confused with Anthropic’s Mythos, a powerful AI model that can identify and exploit vulnerabilities across operating systems and web browsers.”² One is an enterprise‑grade code scanner with fixes built in; the other is effectively an autonomous red‑team engine that, for now, the public doesn’t get near.

§Competing visions of “responsible” power

Even within this small sequence of launches, competing narratives about Anthropic’s strategy are emerging.

§The safety‑first narrative

From Anthropic’s point of view, this staggered release is the embodiment of its “safety‑first” branding. Mythos Preview proves the company can build state‑of‑the‑art, highly capable AI systems. But instead of unleashing them on the open internet, it’s holding them back, channeling them into select partnerships and using a down‑tuned cousin, Opus 4.7, to test real‑world safeguards.

The company explicitly says Opus 4.7’s cyber capabilities are “not as advanced as those of Mythos Preview,” and that it introduced “additional cybersecurity safeguards compared to Opus 4.6” specifically to instrument and study those controls in practice.¹

On this view, Claude Security is the archetype of “good” AI: one that searches for vulnerabilities and issues fixes, giving defenders a speed boost without handing attackers a new superweapon.²

§The controlled‑access narrative

Critics and skeptics, however, will see a parallel story: the creation of a private AI upper class.

The same system card that confesses Opus 4.7 “doesn’t even advance the company’s capability frontier” also notes that the more powerful Mythos Preview is only available to a tiny roster of giants like Nvidia, JPMorgan Chase, Google, Apple, and Microsoft.¹ In other words, there’s Anthropic AI for the masses — and Anthropic AI for the biggest, richest firms on earth.

For developers and startups, the message is mixed. Yes, Opus 4.7 is more capable for advanced software engineering tasks and more helpful on complex problems than earlier versions.¹ But it is also explicitly less capable than what Anthropic can do — and deliberately so, especially when it comes to cybersecurity.

The Cyber Verification Program offers a narrow path into more powerful behavior for security pros, but it also reinforces the core dynamic: access to the full power of these systems is something Anthropic will gate, vet, and ration.

§The enterprise‑grade narrative

Then there are the enterprises, which are likely to welcome exactly this kind of tiered ecosystem.

For large organizations with sprawling codebases, tools like Claude Security promise to find vulnerabilities faster and offer patches automatically, all while being built on a model that’s been deliberately blunted on offensive cyber tasks.² Add in the fact that Mythos‑class capabilities are being trialed first with a circle of big, technically mature partners, and Anthropic’s story starts to sound like a classic enterprise pitch: you get cutting‑edge benefits, but only after the risky stuff has been run through someone else’s test environment.

§Where this is heading

Taken together, Mythos Preview, Claude Opus 4.7, and Claude Security sketch the outline of Anthropic’s strategy for the next phase of AI:

• Frontier‑class models like Mythos, held back and tightly controlled.
• Publicly released models like Opus 4.7, tuned down on sensitive capabilities and laced with new safeguards.
• Productized layers like Claude Security, translating those constrained capabilities into tangible business value.

The open question is how long this gap between “what’s possible” and “what’s allowed” can hold. Anthropic itself hints that Opus 4.7 is just the first rung in a ladder toward eventually “broad” releases of Mythos‑class models — once it’s confident the safeguards work.¹

For now, the company is trying to prove it can move fast on features — better coding help, smarter image analysis, more creative outputs — while still keeping its sharpest tools under lock and key.¹ Whether that balance survives competitive pressure, regulatory scrutiny, and the relentless demand for more capable AI is the real test still to come.

§1. Anthropic releases a new Opus model amid Mythos Preview buzz — “Anthropic has released its most powerful ‘generally available’ model to date: Claude Opus 4.7… [Mythos Preview]… the buzzy cybersecurity-focused model Anthropic announced earlier this month, which the company has said is its most powerful model overall.”

§2. Anthropic rolls out its codebase-scanning security tool for businesses. — “Claude Security uses the Opus 4.7 model to scan a business’s codebase for vulnerabilities and issue a fix… and isn’t to be confused with Anthropic’s Mythos, a powerful AI model that can identify and exploit vulnerabilities across operating systems and web browsers.”

Story coverage