GLASSWING: Toward a global cybersecurity framework driven by Big Tech, without Europe?

With Glasswing, Anthropic outlines an initiative that could reshape the global balance of cybersecurity.

The project brings together a coalition of some of the most structurally important players in the digital economy — Amazon Web Services, Google, Microsoft, NVIDIA, Apple, as well as Cisco, CrowdStrike and Palo Alto Networks — around a shared objective: securing the most critical software systems using an artificial intelligence model capable not only of identifying, but also exploiting, vulnerabilities at unprecedented scale and efficiency.

At first glance, the initiative appears to follow the trajectory of existing industrial cooperation in cybersecurity. In reality, it signals a deeper shift. With models such as Mythos, cybersecurity is no longer grounded primarily in human expertise; it is becoming an infrastructure function, dependent on compute power, access to models, and the ability to operate at scale.

Cybersecurity moving toward concentration

The Glasswing project reshapes the contours of a system in which the ability to detect vulnerabilities is concentrated in the hands of a limited number of actors capable of operating at industrial scale.

This evolution comes at a moment when artificial intelligence models are crossing a critical threshold. The discovery of vulnerabilities is no longer constrained by individual expertise, but by the capacity to deploy systems able to analyze massive volumes of code and interactions. In this context, advantage no longer lies with those who master techniques best, but with those who control the tools.

Cybersecurity, historically distributed among researchers, companies and public institutions, is thus tending to consolidate around platforms capable of industrializing these processes. This shift is all the more structuring as it redefines the balance of the sector.

Europe currently excluded from the framework

It is in this context that the absence of European actors within Glasswing takes on its full meaning. While the initiative aggregates the main operators of global digital infrastructure, no major European player is involved. This absence highlights the concentration of power among actors capable of combining, within a single ecosystem, advanced models, cloud infrastructure and operational capabilities.

The gap is first technological. At this stage, Europe does not have “frontier” models equivalent to those deployed in Glasswing for such sensitive use cases, particularly when it comes to automating vulnerability detection and exploitation at scale.

But the differential is not limited to technology; it is also industrial. Whereas U.S. players operate in an integrated manner — combining cloud, models, cybersecurity and infrastructure — the European ecosystem remains fragmented. This fragmentation hinders the emergence of coalitions capable of addressing systemic challenges with the same speed and coordination.

This is compounded by an institutional asymmetry. Europe has structured its response to the rise of artificial intelligence through regulation, positioning itself as a regulatory pole. Glasswing, however, does not fall within that logic; it belongs to a dynamic of operational standard-setting, where rules emerge from usage and coordination among dominant players.

In a model where cybersecurity depends on access to advanced capabilities, not participating in their development effectively means depending on those who operate them. This dependency concerns not only tools, but also knowledge of vulnerabilities themselves — and that knowledge is a strategic resource.

Can we still speak of digital sovereignty when the ability to secure infrastructures depends on external systems?

A new layer of power

Beyond the European case, Glasswing illustrates that cybersecurity is no longer merely a technical issue, but a central dimension of technological power.

After control over data, platforms and cloud infrastructure, the ability to map vulnerabilities across the global digital system is now emerging as a decisive lever. This capability is critical for infrastructure resilience and the stability of digital environments.