Google is opening the doors to CodeMender, its AI-powered code security agent, giving external developers API access for the first time. The move transforms what was an internal research project into a product aimed squarely at the growing market for autonomous vulnerability detection and patching.
The timing is not subtle. Anthropic’s Claude Mythos Preview rattled the AI industry with its near-autonomous security capabilities, drawing attention from major banks and even the Federal Reserve chair. Google, it seems, would prefer not to cede this particular territory.
What CodeMender actually does
CodeMender autonomously scans codebases, flags vulnerabilities, generates patches, and validates those changes before a human ever has to look at them. The system combines Gemini “Deep Think” reasoning models with static and dynamic analysis, fuzzing, and SMT solvers.
CodeMender has submitted 72 security fixes to open-source projects, handling codebases of up to 4.5 million lines. Google DeepMind CTO Koray Kavukcuoglu framed the ambition broadly, saying the goal is to “help secure the world’s code bases” by both identifying and remediating vulnerabilities. The company first debuted CodeMender last October but kept it largely internal. Now, select groups of security experts are being invited to test the API externally.