Microsoft is quietly developing an AI-powered security tool that scans enterprise environments for software vulnerabilities and recommends fixes, routing work across multiple large language models to keep costs low, according to a report from The Information. The service, internally called Project Perception, would automatically assign security tasks to the most appropriate model—drawn from Microsoft, OpenAI, and Anthropic—potentially making continuous, AI-assisted vulnerability remediation affordable for organizations of all sizes.

The multi-model blueprint

The core idea behind Project Perception is not simply better vulnerability discovery. As first reported by The Information and summarized by TechRepublic on July 17, Microsoft is building a product that can look across a company’s code, cloud infrastructure, and endpoints; identify exploitable weaknesses; explain their impact; and propose concrete fixes. What sets the design apart is an orchestration layer that chooses which AI model handles each step, rather than sending every job through the most powerful—and most expensive—system.

A low-cost model might handle inventory checks, log parsing, or initial triage of common vulnerability types. When the system needs to reason through a complex exploit chain, interpret an authentication flow, or write a remediation plan that touches production systems, it calls on a frontier model. The approach is pragmatic: vulnerability management generates enormous volumes of repetitive work, from correlating CVEs with asset databases to checking whether a vulnerable library is actually reachable. Most of those tasks don’t require the highest-priced reasoning available.

The economics that could shift the market

Cost is the headline story here. Anthropic’s Claude Mythos 5—the most visible AI system purpose-built for cybersecurity—is priced at a premium. The company lists Mythos 5 at $10 per million input tokens and $50 per million output tokens, and access remains restricted to a limited set of vetted partners. By comparison, Microsoft’s multi-model routing could reserve those top-end calls for only the few steps where they create real value, dramatically lowering the average cost per vulnerability report. TechRepublic has reported that Mythos API pricing sits materially above even Anthropic’s own Opus-tier model and OpenAI’s GPT offerings.

That doesn’t guarantee Project Perception will be universally cheaper. Enterprise customers will also pay for data ingestion, sandbox environments, storage, analyst review time, and the security controls required to let an AI inspect sensitive source code and infrastructure. But the ability to mix models gives Microsoft a credible lever for controlling expense as usage scales, which could make the difference between a tool reserved for high-severity incidents and one that hums along in the background, day after day.

Mythos created the category; Perception could redefine it

Anthropic’s Project Glasswing and the Mythos models have demonstrated that AI can tackle sophisticated defensive cybersecurity work. Mythos 5 is particularly strong at exploit reasoning, and the company tightly controls access precisely because of the dual-use risk. Yet Mythos is primarily a model with a restricted application program. Project Perception, as reported, would be a full product layer: it combines multiple models, task routing, enterprise context, and—crucially—direct ties into Microsoft’s sprawling security ecosystem.

For a Windows-heavy enterprise already running Microsoft Defender XDR for endpoint telemetry, Defender for Cloud for cloud-security data, Entra ID for identity signals, and GitHub for source code, an AI vulnerability platform that can safely combine those inputs could answer a question no standalone scanner can: is that theoretical CVE actually exposed in my specific environment? The integration story may matter as much as the underlying model quality. Microsoft’s bet is that the product system—orchestration, context, and trusted tooling—is more valuable than exclusive ownership of the smartest model.

The Ire precedent: prove it, don’t just predict it

Microsoft has already shown it can build autonomous security agents that work the way analysts work. Project Ire, an internal research effort, classifies malicious software by reverse-engineering binaries, calling forensic tools through an API, and constructing a chain of evidence that supports every conclusion. When Ire flags a file as malicious, it doesn’t just return a confidence score; it points to the specific function, behavior, or artifact that led to that verdict, and it stops at the boundary of what the evidence supports.

The company has confirmed that Ire will ship inside Microsoft Defender as Binary Analyzer for threat detection and software classification. That evidence-boundary principle is critical for any AI vulnerability tool. Security teams should not accept a generated fix narrative simply because it reads like a polished penetration-test report. They need to see the affected package, the relevant code or configuration, the access path, any assumptions made, the recommended remediation, and the operational risk of that change. For a Windows administrator, “apply this patch” is meaningless if the patch could affect Group Policy, authentication, driver compatibility, or a line-of-business application running on a production domain controller.

Project Perception, if it follows Ire’s blueprint, might turn AI findings into governed workflows rather than autonomous changes. A report that maps a vulnerable dependency to a running workload, produces a test plan, opens a tracked remediation item, and attaches a reproducible evidence package would save teams time without pretending that patch approval can be fully automated.

What this means for Windows enterprises

For CISOs and IT directors, the pitch is clear: AI can triage the mountain of scanner output and focus human attention on the weaknesses that actually matter. Continuous, affordable scanning could shift vulnerability management from a periodic, compliance-driven exercise to an operational function that runs alongside everything else.

The integration potential is enormous. An AI that understands your Azure Active Directory structure, your endpoint telemetry, and your code repos can say not just “upgrade this library” but “this library is loaded by these three services, running on these hosts, in this subscription, and here’s the change window and rollback plan.” That kind of context comes from being baked into the platform, not from being bolted on.

But the platform advantage cuts both ways. To deliver that insight, Perception would need access to some of the most sensitive data an organization holds: source code, secrets, network diagrams, unpatched asset lists, and incident evidence. Chief information security officers will demand exact answers on isolation, customer-data retention, model-training boundaries, access controls, auditing, regional processing, and how external models from Anthropic or OpenAI are invoked. “Multi-model” may be a cost-saving architecture; to a CISO, it’s a data-governance challenge with several parties involved.

Administrators will also need to know which model processed a case, why it was selected, what context it received, whether prompts or outputs were retained, and whether results can be reproduced after models change. A multi-model security tool that can’t deliver a defensible audit trail will be a non-starter in regulated industries, no matter how clever its findings.

What home users and small businesses need to know

If you’re not managing an enterprise IT environment, Project Perception’s immediate relevance is minimal. The tool is designed for organizations that operate their own servers, cloud infrastructure, or large codebases. Home users and small businesses without dedicated security staff won’t interact with it directly, though the technologies that flow from it—like improved threat detection in Defender—might trickle down over time.

How we got here

The seeds of Project Perception have been growing for years. Microsoft’s investment in OpenAI gave it early access to frontier models. Its internal research teams—like the group behind Project Ire—have been experimenting with LLM-based security agents that call specialist tools and validate their own conclusions. Meanwhile, the cybersecurity industry has been grappling with an unsustainable volume of vulnerabilities: National Vulnerability Database entries continue to climb, and even well-staffed security teams can’t keep up.

The recent appearance of domain-specific AI like Claude Mythos showed that models could be tuned for exploit reasoning and vulnerability research. But the high cost and restricted access highlighted a gap: what about the thousands of lower-severity findings that clog backlogs? Project Perception appears designed to fill that gap.

What to do now

Project Perception hasn’t been announced, and there’s no beta to sign up for. But enterprises can start preparing for AI-driven vulnerability management today:

  • Audit your vulnerability management workflow. Identify where manual triage consumes the most time. If you could automate the first pass of CVE-to-asset matching or reachability analysis, what would the data inputs need to look like?
  • Clean up your configuration management database (CMDB). Any AI tool will be only as good as the asset inventory and software bill of materials it can query. Incomplete or outdated records will lead to missed findings or—worse—confident but wrong recommendations.
  • Map your Microsoft security integration points. If you use Defender XDR, Defender for Cloud, Entra ID, and GitHub, understand how those systems share (or don’t share) context today. The more unified that picture, the more value a perception-like tool could deliver.
  • Start the data-governance conversation early. Talk to your Microsoft account team about how future AI tools will handle customer data, logging, and model selection transparency. Draft the questions you’ll need answered before onboarding any automated remediation service.
  • Watch for official announcements. When Microsoft formally unveils Project Perception, expect documentation on supported environments, pricing, and data handling. Early adopters should look specifically for audit trail capabilities, model selection transparency, and integration with existing change management and ticketing systems.

The road ahead

Project Perception signals a shift from AI as an assistant to AI as an active participant in the vulnerability-to-remediation pipeline. The first measure of its value won’t be whether it can produce flashy proof-of-concept exploits. It will be whether it reduces the backlog of real, verified, actionable vulnerabilities without drowning security and IT teams in low-confidence noise.

If Microsoft can connect that workflow to the systems enterprises already trust—and give administrators the transparency and governance they require—Anthropic’s Mythos may face a challenger built not on model mystique, but on deployment discipline and cost control that makes AI remediation a nonstop reality.