Chinese cybersecurity company 360 Security Technology says it has built an AI system that can rival one of the most closely watched cyber tools in the US.
The company unveiled Yitian Tulong, an AI-powered vulnerability discovery and defense platform, at the ISC.AI cybersecurity conference in Beijing. Founder Zhou Hongyi framed the system as China’s answer to Anthropic’s Mythos, a powerful but tightly controlled AI cybersecurity system reportedly capable of uncovering software flaws at scale.
The claim is difficult to verify, and that uncertainty is part of the story. If systems like Yitian Tulong can perform as advertised, they could reshape how security teams discover vulnerabilities while also raising new concerns about who has access to that capability.
China’s response to Anthropic’s Mythos
At the ISC.AI cybersecurity conference in Beijing on Wednesday, 360 founder Zhou Hongyi unveiled Yitian Tulong, which Reuters reported is 360's domestic answer to Anthropic's Mythos.
According to Zhou, the project was driven by what he described as a "one-way transparency" risk. He argued that if only one country possesses AI capable of rapidly identifying vulnerabilities across software and digital infrastructure, that country gains a significant strategic advantage while others remain exposed.
Unpacking Yitian Tulong
Yitian Tulong is an AI-powered cybersecurity platform built around two AI systems designed for different aspects of cyber operations.
The first, Tulongfeng, focuses on automated vulnerability discovery. Describing Tulongfeng as "China's version of Mythos," 360 said the model has identified 3,432 software vulnerabilities, of which Chinese authorities have confirmed 105. Reuters noted those figures could not be independently verified.
Yitianzhen, by contrast, focuses on cyber defense and incident response. Instead of searching for software flaws, the system helps organizations analyze and respond to attacks.
Perhaps the most notable aspect of Yitian Tulong is how 360 built the platform. Zhou acknowledged that Chinese foundation models still trail leading counterparts by roughly 20% to 30%. Rather than competing on model size or computing power, the company combined AI models with cybersecurity expertise, vulnerability databases, and automated tooling.
That strategy resembles DeepSeek's approach, which demonstrated that optimization and system design can narrow the performance gap relative to more resource-intensive AI models.
Regional stakes for China and APAC
For Chinese residents and businesses, Yitian Tulong could strengthen domestic cyber defense at a time when governments, companies, and critical infrastructure operators face growing pressure to detect software flaws before attackers do.
The broader impact in APAC is more complicated. If 360 makes the platform available across the region, it could give enterprises another option for AI-assisted vulnerability discovery and incident response, especially in markets with limited access to US-developed systems such as Mythos.
But adoption would likely depend on trust, regulation, and data governance. Security teams outside China may need to weigh the platform’s technical promise against questions about where data is processed, how findings are shared, and whether local governments would permit its use in sensitive environments.
Access could prove especially uncertain for US organizations. Even if 360 launches the platform internationally, US regulatory scrutiny and future trade restrictions could limit adoption, much as export controls have already shaped access to other advanced technologies.
For now, the platform’s reach outside China remains unclear.
Also read: Anthropic has said Mythos-class AI models could reach more customers, with added safeguards for cybersecurity and biology risks.