In a move framing the artificial intelligence race as a matter of modern “cyber-nuclear deterrence,” Chinese cybersecurity giant 360 Security Technology has unveiled its domestic answer to Anthropic’s highly classified “Mythos” cybersecurity model.
Speaking at the ISC.AI 2026 conference in Beijing, 360 founder Zhou Hongyi introduced the technology under the unified banner “Yitian Tulong”—a name pulled from a classic Chinese martial arts novel meaning “Heavenly Sword and Dragon Saber.” The release is the most high-profile Chinese effort to counter Western dominance in automated vulnerability-hunting AI.
1. The Twin Weapons: Offense and Defense
The “Yitian Tulong” framework splits its operations across two specialized, autonomous AI systems designed to operate at machine speed:
- Tulongfeng (The Dragon Saber): Explicitly billed by Zhou as “China’s version of Mythos,” this system is an offensive-leaning tool built to automatically discover zero-day software vulnerabilities. 360 claims Tulongfeng has already autonomously flagged 3,432 software flaws, 105 of which have been officially verified by Chinese authorities.
- Yitianzhen (The Heavenly Sword): Operating as the defensive counterpart, this model functions like an AI-driven security operations center—automating cyber defense, threat isolation, and real-time incident response.
[ "Yitian Tulong" AI Framework ]
│
┌───────┴───────┐
▼ ▼
[ Tulongfeng ] [ Yitianzhen ]
• Hunts Flaws • Secures Systems
• "China's • Automates
Mythos" Defenses
2. Bypassing the Silicon Blockade: The Agentic Route
Zhou openly admitted that Chinese frontier large language models (LLMs) still lag behind leading US systems by roughly 20% to 30% in raw base capability.
However, because tightening US export controls limit domestic access to the advanced computing power and chips needed to build giant monolithic models, 360 is deploying an alternative engineering workaround:
“If Mythos is a top-end chip, what we are building is a complete machine… If the U.S. route is to cultivate a genius hacker, 360’s route is to organize a professional attack-and-defense team.”
— Zhou Hongyi, Founder, 360 Security Technology
Instead of relying on a single hyper-intelligent model, 360 uses a Multi-Agent Collaborative system. This architecture pairs smaller, domestic AI agents with 360’s vast historical vulnerability databases and automated security tooling, chaining them together to achieve “Mythos-equivalent” results.
3. The Threat of “One-Way Transparency”
Anthropic’s Mythos model caused severe alarm globally after finding thousands of deep, unpatched exploits in major operating systems and web browsers. Fears that a “jailbroken” variant could instantly supercharge state-sponsored cyberattacks prompted the US government to completely ban exports of even toned-down versions of the program.
Zhou argued that China cannot afford to wait for absolute model parity, warning that a failure to deploy domestic equivalents creates a dangerous vulnerability ecosystem:
| The AI Cyber Asymmetry | Terrestrial Impact |
| “One-Way Transparency” | US entities could weaponize Mythos-class AI to scan Chinese infrastructure for cracks, while China remains blind. |
| The Operational Speed Gap | Human teams analyzing code manually are too slow. Adversaries utilizing automated agent clusters can build attack chains simultaneously at scale. |
By framing Tulongfeng as a necessary “strategic deterrent capability” to break a Western monopoly, 360 Security is signaling that the tech cold war has officially entered a dangerous new phase. Though 360’s claims have not been independently verified, the rollout highlights that autonomous vulnerability hunting is rapidly becoming the standard baseline for international cyber warfare.
