We share our initial set of recommendations to shore up your defenses based on our own findings and security practices.

Claude

Anthropic's security teams share practical guidance for defending against AI-accelerated cyberattacks, tied to their Project Glasswing initiative. Key recommendations include closing patch gaps faster using CISA KEV and EPSS prioritization, preparing for an order-of-magnitude increase in vulnerability report volume, integrating AI-assisted code scanning and SAST into CI/CD pipelines, proactively scanning existing codebases with frontier models before attackers do, adopting zero-trust architecture with hardware-bound credentials, reducing attack surface through inventory and decommissioning, and shortening incident response with AI triage agents. The post also covers best practices for submitting vulnerability reports upstream and simplified advice for teams without dedicated security functions.

Preparing your security program for AI-accelerated offense

Advice for submitting vulnerability reports to others