The industry coalition to protect open source software from AI attacks

Closing the loop from vulnerability discovery through pre-embargo remediation to layered, defense-in-depth protection.

The current system can’t keep up

Frontier AI models can now find novel, chained zero-day vulnerabilities in open source software at machine speed. These are flaws that survived decades of expert review, including, in one recent case, a critical bug in media-processing code used by countless applications that automated fuzzers had run more than five million times without ever catching it. The gap between a vulnerability being discovered and being exploited has collapsed from years to hours, and a growing share of exploits are weaponized before the bug is ever publicly disclosed. Meanwhile, the critical software underneath everything is often maintained by one or two volunteers who are already buried in low-quality scanner noise. Coordinated disclosure was built for a world where finding a serious flaw took weeks and the targets were few. That world is gone.

Left alone, the default outcome is fragmentation: every cloud, vendor, and security team quietly forking the same critical libraries with its own patch set, and no shared truth about what's actually fixed. That is slower, weaker, and more dangerous for everyone.

Why this has to be coordinated, and fast

When exploits land in hours, only a coordinated effort moves fast enough to matter. Because the work is shared, one pipeline does in a single pass what a dozen fragmented ones do redundantly and slower — so submitters, vendors, integrators, maintainers, and the public all end up better protected, and sooner, than fragmentation could ever deliver.

What Athena does

Athena is an industry coalition for the orchestrated defense of open source software. Its members feed vulnerability findings from across the industry into Athena, which takes each one through its full lifecycle end to end and turns it into protection for everyone. A clearinghouse pools and correlates those findings from every member and turns them into fixes at the same machine speed they're discovered. Around that, Athena stacks independent layers of protection so that coverage exists even where a clean patch doesn't, staying on every flaw until a durable upstream fix is in place.

  • Discovery

    Vetted findings pooled from across the coalition. Athena accepts findings from all frontier models, including Anthropic's Project Glasswing and OpenAI's Daybreak.

  • Pre-embargo remediation

    Affected projects are rebuilt as private, hardened versions, available to members through Chainguard Libraries before disclosure. Findings are addressed in batches across a whole library, hardening it against entire classes of issues rather than the one bug a model happened to surface first, so it stays quiet even when a more capable model arrives.

  • Continuous reconciliation

    Every finding is reconciled against upstream throughout the embargo, catching independent discovery, and keeping fixes current as projects move at head.

  • Platform, network, and infrastructure mitigations

    Partners that sit in front of much of the internet — network providers, cloud platforms, security gateways — push non-patch mitigations ahead of disclosure: detection signatures, traffic-level rules, and platform-side blocks that blunt exploitation where a patch isn't yet available or deployed.

  • Detections and vendor mitigations

    Cybersecurity partners add their own detections, signatures, and virtual patching as a further independent layer.

  • Upstream disclosure and hard forks

    The coalition drives coordinated disclosure upstream, and Chainguard hopes to work with the Linux Foundation on a coordinated Security Incident Response Team (SIRT) for open source and a maintainer of last resort program.

No single layer is complete. Together, they get as close to complete as this problem allows.

Operationally, organizations submit pre-disclosure findings through an encrypted portal and stay in control throughout: each submitter decides what is shared, with whom, and on what embargo timeline. We deduplicate and enrich each finding, tracing when the flaw was introduced, whether it is already fixed at head, and everywhere else the same pattern appears, and we publish the metadata as an OSV feed. Members get anonymized, aggregated intelligence across all submitters and access to patched builds ahead of public disclosure.

There's also a part of this almost no one will ever see. A patch only helps the people who can apply it, and most of the world can't move on an attacker's timeline — the same libraries running inside the biggest tech companies also run a rural water plant or a regional hospital with one IT person and no security team. They won't patch in time, so the mitigations go out in front of them: the flaw gets blocked at the network and platform layers before it's ever public, with no action required from the people it protects, most of whom never knew there was anything to protect them from.

The coalition members

  • BNY
  • Chainguard
  • Cisco
  • Cloudflare
  • Corridor
  • Depthfirst
  • Docker
  • JPMC
  • Kyndryl
  • LTM
  • PwC

Athena only works because each partner closes a gap the others can't, and most fill more than one role. Today there are more than two dozen members participating in Athena, and between them, the coalition spans the full stack of the ecosystem the world's software actually runs on.

  • Submitters and consumers contribute the vetted, pre-disclosure findings the whole system runs on. A flaw one organization spots gets remediated and pushed upstream, becoming a fix the entire ecosystem inherits.

  • Platform, network, and infrastructure partners blunt exploitation where a patch isn't yet available or deployed. Advance warning lets providers harden their layer and shield the systems and customers that depend on them.

  • Cybersecurity vendors add their own detections, signatures, and virtual patching as a further independent layer. A pre-embargo view of live zero-days means detections and virtual patches are ready across the industry the moment a flaw becomes public.

  • Global professional services bring deployment capacity at client scale. Fixes reach real client environments ahead of disclosure — closing the gap between a patch existing and a patch actually being deployed.

What the coalition is saying

"Trust is at the core of what we do. Our clients count on BNY to protect what matters most, including the software behind our systems. As AI speeds up the discovery of vulnerabilities, Athena may help us identify and address risks earlier."

Dave Robinson

Chief Information Security Officer, BNY

Live today

More than two dozen organizations are participating. The first wave of coordinated disclosures begins in a month.

  • 20,000+

    findings processed

  • 2,000+

    patches

  • 500+

    open source projects

The best bet we have

Will it be perfect? No. The hardest part isn't finding flaws or fixing them — it's getting the fix all the way home. Upstreaming is a salmon run: each fix has to swim against the current all the way to the volunteer maintainers who can make it permanent, while attackers wait like bears at the falls for any flaw still exposed along the way. Athena gives every fix the best possible run, and acts as maintainer of last resort for the ones that can't make it. Not every salmon makes it home, and no one should pretend otherwise, but fragmentation is worse and standing still is not survivable. A single coordinated, end-to-end effort is the closest thing to a complete answer that exists — and it only works if we build it together. The coalition will report back what we learn along the way.

Join Athena

If any of this resonates, the next step is a single conversation. Reach out to us if you're finding vulnerabilities, want to join the coalition, or are just curious to learn how your team can help. No one can get ahead of this alone, which is the whole point of a coalition. The more of the industry that participates, the less any attacker has left to find. Join us.