Background
Microsoft is preparing to release an enterprise security product internally codenamed Project Perception, which would deploy a combination of large language models (LLMs) from Microsoft, OpenAI, and Anthropic to automatically scan, identify, and remediate software vulnerabilities, according to a report first published by *The Information*. <cite index="6-1,6-2">The product, set to debut as soon as July 2026, will use a combination of AI models from Anthropic, OpenAI, and Microsoft itself to sniff out software bugs similar to the way Anthropic's Mythos model does and automatically fix them.</cite>
How It Works
The core architectural differentiator is a model router—a dispatch layer that selects the most appropriate underlying model for each individual security task. <cite index="19-6">Perception will be able to use multiple models to scan for security holes by using a model router that will determine the correct AI model for the job before assigning the workload.</cite> This approach mirrors an existing Microsoft Azure Foundry capability: <cite index="20-21,20-22,20-23">Model Router in Microsoft Foundry is a platform-level system deployed as a single endpoint that dispatches across up to 18 underlying LLMs per prompt, with the routing decision made by a trained model—not a rules engine—that analyzes the prompt itself for complexity, task type, and reasoning requirements.</cite>
<cite index="19-2">Project Perception is the brainchild of Hayete Gallot, Microsoft's head of security who took over the role in February.</cite> Microsoft has not confirmed official pricing, availability, or supported workloads publicly; <cite index="7-6">the company has not publicly announced its availability, pricing, supported workloads, or customer eligibility.</cite>
Cost Positioning Against Mythos 5
The primary commercial argument Microsoft is making centers on price. <cite index="23-3,23-4">The security product uses a combination of AI models from Anthropic, OpenAI, and Microsoft to scan, identify, and provide fixes, with its main selling point being cost—expected to be far lower than Anthropic Mythos, which has an estimated API cost that is 100 percent higher than Opus and 82 percent higher than GPT.</cite> <cite index="23-5">It plans to reduce costs by routing individual queries to specific AI models based on the task, according to *The Information*.</cite> <cite index="19-1">While Perception should be cheaper than Mythos, Microsoft has not finalized any pricing details yet.</cite>
The Mythos 5 Context
Anthropics's Claude Mythos 5 is a restricted-access LLM purpose-built for offensive and defensive cybersecurity work. <cite index="17-10,17-11">Mythos—formally Claude Mythos Preview—is Anthropic's most capable frontier AI model as of April 2026, distinguished by exceptional agentic coding, multi-step reasoning, and autonomous offensive security capabilities; it is the first AI model known to autonomously compromise a simulated corporate network end-to-end, and the first to discover more than 2,000 zero-day vulnerabilities in production software in under two months.</cite>
Access to the model has been tightly controlled. <cite index="12-85,12-86">Anthropic launched Project Glasswing, with a consortium of companies using Mythos to find and fix software vulnerabilities; over forty companies were granted access, including Microsoft, Apple, Google, Amazon Web Services, the Linux Foundation, Cisco, Nvidia, and Broadcom.</cite> <cite index="11-26,11-27">The U.S. Commerce Department later ordered Anthropic to block foreign access to its newest Fable 5 and Mythos 5 AI models, forcing a total shutdown triggered by an Amazon security paper and a three-word jailbreak prompt.</cite> <cite index="12-1,12-2">On June 30, Anthropic announced that the U.S. Department of Commerce had lifted restrictions on both Fable 5 and Mythos 5, and that it would restore access to both models starting the following day.</cite>
<cite index="1-8">The regulatory disruption could give Microsoft an edge when it comes to getting a cybersecurity tool to Europe and other regions.</cite>
Regulatory and Competitive Implications
<cite index="19-11,19-12">When Project Perception launches, its availability could also be restricted, given that these tools have the ability to find exploits in software before patches are released, making them potentially dangerous.</cite> The move signals escalating competition at the application layer of enterprise AI, where platform incumbents are bundling third-party frontier models—including those from direct rivals—into integrated, cost-optimized products. <cite index="23-9">For businesses, the arrival of more security products could lower the cost of closing IT vulnerabilities, a growing priority as bad actors gain access to the same advanced tools.</cite>