IBM is bringing more AI-powered security tools to clients while its Project Glasswing work with Anthropic aims to test how AI agents can attack and defend real systems.
Last checked: May 20, 2026. This article uses IBM, PRNewswire, IBM Think and Anthropic sources first. AI security product names, previews and availability can change quickly, so confirm live IBM product pages before making buying or deployment decisions.
Quick answer
IBM has announced a broader AI-powered security portfolio for enterprise clients, with new and expanded capabilities around secure coding, vulnerability management, identity, threat detection, application risk and agentic security operations.
The larger story is Project Glasswing, an Anthropic-led initiative that brings together AI labs, cybersecurity companies and model evaluators to test how AI agents might find, exploit and help fix software vulnerabilities. IBM says its ongoing work in the project is strengthening the defenses it is putting into customers' hands.
For most readers, this is not a consumer app launch. It is a signal that major security vendors are moving from "AI that summarizes alerts" toward AI systems that can inspect code, prioritize risk, automate defensive workflows and, eventually, help security teams respond faster than attackers using AI.
What IBM announced
IBM's May 2026 announcement says adversaries are starting to weaponize AI against the systems organizations depend on, and that defenders need more advanced tools to keep pace.
The announcement highlights several parts of IBM's security stack:
| Area | What IBM is emphasizing | Why it matters |
|---|---|---|
| Secure coding | IBM Concert Secure Coder | Helps developers find and remediate code weaknesses earlier |
| Application risk | IBM Concert | Prioritizes application vulnerabilities and operational risk |
| Identity | IBM Verify | Strengthens access controls and identity security |
| Detection and response | IBM QRadar | Supports threat detection, investigation and response workflows |
| Security services | IBM Consulting Cybersecurity Services | Brings managed expertise for clients that need help operating the tools |
| Agentic security | IBM Autonomous Security | Explores multi-agent workflows for security operations |
IBM is framing this as a practical response to a new threat environment. If attackers use AI to move faster, generate better phishing, analyze code, chain vulnerabilities and automate reconnaissance, defenders need tools that can handle more context and move with less manual delay.
The most important point is that IBM is not describing one isolated product. It is connecting development security, application operations, identity, detection and consulting into a wider security portfolio.
What Project Glasswing is
Project Glasswing is an Anthropic initiative focused on AI and cybersecurity. Anthropic describes it as a program for strengthening AI model safeguards, advancing research on AI-enabled cyber risk and helping defenders prepare for more capable AI systems.
The project brings together several groups across the security and AI ecosystem. Its public materials name partners including IBM, Palo Alto Networks, Shield AI and security research organizations. Anthropic says it is also committing up to $100 million in API usage credits and up to $4 million in grants for universities, nonprofits, public sector organizations and researchers working on AI safety and cybersecurity.
The core idea is straightforward: if AI agents can be used to find and exploit software weaknesses, the industry needs serious testing before those capabilities become widely available. That includes evaluating models, building controlled challenge environments, studying agent behavior and improving safeguards.
For IBM, participation gives its security teams direct exposure to the kinds of AI-assisted attacks enterprise clients may face next. IBM can then use that research to improve products, services and defensive playbooks.
Why this matters for companies
AI changes the economics of cyber defense. A skilled attacker still needs knowledge, access and opportunity, but AI can reduce the time needed for repetitive work. It can help generate exploit hypotheses, summarize documentation, write phishing copy, analyze leaked code, create scripts and sift through logs.
Security teams face the same volume problem from the other side. They already deal with too many alerts, too many vulnerabilities, too many identity events and too many systems that were built over many years. The promise of AI security tools is not magic prevention. The useful promise is triage: which alert matters now, which vulnerability is reachable, which code path is exposed, which identity change is suspicious and what fix should happen first.
That is where IBM's portfolio angle makes sense. Secure coding catches some issues before release. Application risk management helps prioritize the systems that matter. Identity tools reduce account takeover risk. Detection and response platforms help after suspicious activity appears. Consulting services help organizations design and run the operating model.
The risk is over-trusting automation. AI can hallucinate, miss context, recommend unsafe changes or produce a false sense of control. Enterprises should treat AI security tools as force multipliers for trained teams, not replacements for security engineering, incident response and governance.
IBM Concert Secure Coder and code risk
One practical part of the announcement is IBM Concert Secure Coder. IBM's product material describes it as a way to help developers identify, understand and remediate vulnerable code.
That matters because secure coding is usually cheaper before software ships. Once an application is live, a vulnerable dependency or weak code path becomes an operational problem, not just a development issue. Fixing it may require emergency patches, customer communication, compliance review and downtime planning.
An AI-assisted secure coding tool can be useful if it does three things well:
- Finds real weaknesses without flooding developers with low-quality warnings.
- Explains the issue in language developers can act on quickly.
- Fits into existing workflows such as pull requests, IDEs, CI checks and vulnerability backlogs.
The challenge is precision. If a tool produces too many false positives, developers tune it out. If it applies risky fixes automatically, it can create new bugs. The best use is targeted assistance with human review, tests and security ownership still in place.
IBM Autonomous Security and agentic defense
IBM also points to its Autonomous Security work. IBM announced in April 2026 that it was developing multi-agent cybersecurity capabilities to help enterprises confront agentic attacks.
The phrase "agentic attacks" means attacks where AI agents can plan and execute steps across tools instead of only generating text. That could include scanning, scripting, probing, chaining findings and adapting based on feedback.
Defending against that requires more than a dashboard. It requires systems that can correlate data, investigate across sources, suggest containment, coordinate response actions and keep a human decision point where the risk is high.
This is where the industry needs discipline. Autonomous security should not mean uncontrolled systems making irreversible changes. A mature approach should include approval gates, audit logs, rollback paths, scoped permissions and clear policies for what an agent can and cannot do.
What security teams should do now
Companies do not need to wait for every AI security product to mature before improving their posture. The defensive basics still matter, but AI changes the urgency.
Start by reviewing where AI could speed up attackers against your environment. Public code, exposed APIs, old internet-facing services, unpatched applications, weak identity controls and scattered logs become easier targets when attackers can automate analysis.
Then review where AI can safely help defenders. Good first use cases are summarizing alerts, explaining code findings, grouping duplicate vulnerabilities, generating remediation drafts, mapping affected assets and preparing incident timelines. High-risk actions such as disabling accounts, blocking network paths, changing production code or deleting data should stay behind human approval.
Finally, update vendor questions. When evaluating AI security products, ask how the model is trained, what customer data it can access, how outputs are audited, whether actions can be scoped, how false positives are handled, how rollback works and what happens if the AI system itself is targeted.
What normal users should take from this
This announcement is enterprise-focused, but the lesson applies to everyday users too: AI is making both attacks and defenses faster.
Users should expect more convincing phishing messages, fake support chats, scam sites and social engineering attempts. The safer habits are still simple: do not share one-time codes, use passkeys or multi-factor authentication, keep software updated, avoid password reuse and verify urgent requests through a separate trusted channel.
For employees, the practical advice is to follow company security channels rather than improvising. If a message, invoice, file, meeting invite or login prompt feels strange, report it through the official process. AI-generated attacks often look polished, so "bad grammar" is no longer a reliable warning sign.
The bottom line
IBM's AI security announcement is best understood as part of a wider industry shift. Security vendors are preparing for a world where AI agents help attackers work faster and defenders need AI-supported systems to keep up.
Project Glasswing is important because it focuses on testing the risky side of that future before it becomes normal. IBM's portfolio matters because enterprise defense has to cover the full chain: code, apps, identity, operations, detection and response.
The winning security teams will not be the ones that simply buy the most AI tools. They will be the teams that use AI carefully, measure whether it improves real outcomes and keep humans responsible for judgment, accountability and high-impact actions.
Sources
- IBM announcement via PR Newswire APAC: en.prnasia.com
- IBM Think coverage of Anthropic, Claude and Project Glasswing: ibm.com
- Anthropic Project Glasswing official page: anthropic.com
- IBM Autonomous Security announcement: newsroom.ibm.com
- IBM Concert Secure Coder product page: ibm.com
Before you move on
Defensive security explainers. Use this short checklist to turn the article into action.
- Change reused passwords on important accounts.
- Enable multi-factor authentication or passkeys where available.
- Keep a separate backup for files you cannot afford to lose.
This guide is written for practical user safety. For account, platform, or legal decisions, confirm critical steps with the official help center or your service provider.
