CrowdStrike Providing Massive ‘Benefit’ To Partners With Access To Frontier AI Models: CTO

As Anthropic and OpenAI compete to have the upper hand on AI-powered vulnerability discovery, CrowdStrike is ‘working on getting you access to leverage these capabilities by building with us on our platform,’ CrowdStrike CTO Elia Zaitsev told partners Wednesday.

Regardless of which frontier AI model appears to be leading in terms of relevance to cybersecurity, CrowdStrike is committed to providing as much access as possible to partners so that they can best protect their end customers, according to CrowdStrike CTO Elia Zaitsev.

Speaking to top CrowdStrike partners during the company’s Americas Partner Symposium 2026, Zaitsev said that solution and service providers should not have to stay on top of whether Anthropic or OpenAI has the upper hand on AI-powered vulnerability discovery at the moment. Instead, partners should be more focused on working with a security platform that can leverage the latest models and adapt as the frontier AI space evolves, he said.

CrowdStrike offers many advantages to partners in this regard, Zaitsev said—thanks to the vendor’s comprehensive Falcon platform and its participation in both Anthropic’s Project Glasswing and OpenAI’s Trusted Access for Cyber initiative. The cybersecurity giant is also expanding its recently launched Project QuiltWorks initiative to more partners as a way to provide cutting-edge AI capabilities for security, he noted.

“Being a CrowdStrike partner means you will also be able to benefit from this knowledge, access and expertise,” Zaitsev said during the event in Miami Beach, Fla. “We’re, in fact, working on getting you access to leverage these capabilities by building with us on our platform.”

While Project QuiltWorks is not able to leverage Anthropic’s unreleased Claude Mythos model, the initiative utilizes other frontier AI models that offer similar effectiveness for offensive and defensive security, according to CrowdStrike.

The bottom line is that when it comes to finding and fixing software vulnerabilities with the help of frontier AI, “the partners who align early on these [AI] ecosystems, I believe, are going to be the ones leading these conversations with customers,” Zaitsev said.

Anthropic’s disclosure last month about Claude Mythos—and subsequent disclosures about the capabilities of Anthropic’s Opus 4.7 and OpenAI’s GPT 5.5—suggest that a flood of new vulnerabilities are likely to be uncovered in major software tools in the coming months, CrowdStrike executives have said this week during the Americas Partner Symposium event.

Even with the guardrails that Anthropic and OpenAI have introduced, “make no mistake—adversaries will at some point get access to the latest state of the art AI capabilities,” Zaitsev said Wednesday. “I’m confident it’s a matter of when—not if.”

Partner Perspective

Solution and service provider executives told CRN that CrowdStrike’s rare level of access to frontier AI models—combined with its agnostic approach to leveraging those models—is a huge value for the vendor’s partners.

What CrowdStrike is providing is a crucial security foundation that is flexible enough to deal with AI-accelerated cyber risk going forward, according to Bill Fryberger, principal and Americas cybersecurity advisory leader at EY.

For all the attention that Anthropic’s Claude Mythos model has received, there are indications that OpenAI’s GPT 5.5 may be even more proficient for vulnerability research and exploitation, Fryberger said.

In other words, as the leading AI model of the moment inevitably changes, having EY try to chase that is “not a good business for me to be in,” he said.

If EY tells a client one day that it’s all-in with Claude, the firm can’t tell that client later that week, “I was just kidding on Monday, I’m really going down the OpenAI route,” Fryberger said. “I’ve got to choose my foundation.”

The clear message from CrowdStrike is that it is building its platform around the use of AI, “whatever frontier model that ends up being,” he said.

“It just makes it easier for me to have a conversation with the client,” Fryberger said. “We’re just providing a flexible foundation where you can be comfortable that we’ll use the best we can at the time.”

Indeed, CrowdStrike is meeting a crucial need by becoming the agnostic “orchestrator for proactive security,” said Mark Grassmann, national cybersecurity practice principal at Alchemy Technology Group, a Houston-based partner of CrowdStrike.

“I think CrowdStrike has put itself in a pole position by adopting this approach and being flexible with the [AI] models,” Grassmann said.

All in all, “being the indispensable platform or orchestrator for a customer to adopt this extremely futuristic, modern technology—that’s the right place to be,” he said. “And as a partner, that gives us confidence that they’re the right platform of choice to recommend and advise our customers around.”

Older Models Are Still Proficient

In addition to the fact that the frontier AI models are rapidly evolving, there are also indications that the previous generations of the models have already been very effective at offensive security, Zaitsev said Wednesday.

That is, “I don’t really think these are new risks,” he said. “Even before the mass availability of highly capable artificial intelligence systems, we’ve been documenting a trend over the last few years of the collapse in mean time to exploitation. The number of vulnerabilities that have been continuing to climb.”

Where some of the newer models such as Claude Mythos most stand out, perhaps, is that “they have also had their guardrails deliberately reduced to support specific cybersecurity use cases,” Zaitsev said.

At the same time, there is widespread speculation about what the frontier AI models are actually capable of, he said.

“Very few individuals in the world have actually had their hands on any of these models, let alone all of them. But I have,” Zaitsev said.

Without a doubt, the latest generation of models are more capable at coding and reasoning, as well as at executing complex cybersecurity use cases, he said. This is both because of improvements and due to the reductions in guardrails, according to Zaitsev.

However, where the latest frontier models are “particularly good [is] at chaining together existing vulnerabilities and identifying these non-obvious attack paths, as well as some reverse engineering tasks,” he said.

The AI model harness—consisting of components such as prompts, sub-agents, tools, plugins and skills—is also pivotal and not something that has received enough recognition, Zaitsev said.

Mythos Is ‘Not Cyber AGI’

CrowdStrike’s own testing suggests that some of the recently released models are “more incremental than revolutionary,” Zaitsev said.

Even the prior version of Anthropic’s publicly available model, Opus 4.6, was “already able to do virtually everything that Mythos can do when we paired it with the right harness,” he said.

Referencing the widely discussed prediction of super-advanced artificial general intelligence (AGI), Zaitsev said it’s ultimately clear that “Mythos is not cyber AGI.”

Mythos “still makes mistakes. It generates a lot of false positives when not used correctly,” he said.

CrowdStrike testing found that the false positive rate while analyzing vulnerabilities with Mythos varied from between 20 percent and 80 percent, with the variation depending on the harness that was being used, Zaitsev said.

Additionally, “Mythos is painfully slow and incredibly expensive to use,” he said. “It’s a huge problem.”

But there’s still no question, Zaitsev said, that Claude Mythos does make it “easier for less-skilled users—people who don’t have any harness at all—to become dangerous quicker.”