
To defend a system effectively in the world of cybersecurity, you have to understand how an attacker would break into your defenses. You would have to think like them, do research like them, and use similar tools that simulate their behaviors.
AI has sped run the development of offensive capabilities, with models like Mythos purported being so dangerous that the U.S government has halted it’s release to the public for cybersecurity reasons.
However, as artificial intelligence models have advanced, the dual-use nature of security has run into a roadblock for those actively using AI to defend against hackers: the guardrails. To prevent ill intent from happening like using AI to start autonomous exploit factories, companies like Anthropic have implemented strict cyber safeguards around their new and existing models. For general internet users, these guards act as an ideal fence that they will never run into. But for cybersecurity professionals and companies trying to perform penetration testing and research, these guardrails block legitimate defensive workflows because they simply look like an exploit.
Recently, Ironwood Cyber joined Anthropic’s Cyber Verification Program (CVP).
Anthropic is an Artificial Intelligence and Research Company, known for developing AI systems such as Claude and one, if not, the biggest player in AI development right now. Simply put, the CVP is an application-based, enterprise framework designed by Anthropic. It bridges the gap between AI safety and high-end defensive cyber research. It allows security professionals and organizations to use their models without being restricted by default safety guardrails.
When a cybersecurity company (like Ironwood) is accepted into the CVP, Anthropic lifts the default real-time friction and blocks on high-risk, dual-use capabilities (penetration testing, exploitability analysis, etc) for that organization's verified environments.
However, the CVP does not grant a pass for malicious behavior for these companies. There are still prohibited cybersecurity activities like mass data exfiltration or ransomware code development. The CVP is instead an exclusive pass that enables trusted defensive users to use the deep power of models like Claude to conduct verified, authorized security testing.
At this point of society, we are rapidly approaching a threshold where AI-driven threats will be operating at a very quick speed. This speed is automated and threatens the internet by reducing the time to attack. The traditional “patch-to-deploy” window where you follow a structured cycle to reduce attack surfaces is shrinking from days to hours. If defenders are restricted to normal tools while others with malicious intent use unrestricted, specialized models, then the gap will widen significantly.
By joining the Cyber Verification Programs, Ironwood Cyber gains a huge advantage and to develop “steps” ahead. This is a massive milestone for Ironwood as it directly changes how we protect our clients. By having unblocked access to these models, our hybrid symbolic engine can use the non-deterministic flexibility of these LLM's to build out faster actual exploits that are fed back into our deterministic engine to provide a chainable threat path. Services will become much faster and more reliable and we can ship authorized attack chains faster.
The goal is not to use AI agents to just go crazy on your systems. The goal is to build a responsible framework around the cyber capabilities of the frontier lab models to harness the offensive features in a responsible, affordable, and transparent manner.
The cybersecurity landscape moves way too fast for normal defenses and tools. By joining Anthropic’s Cyber Verification Program, Ironwood Cyber isn’t just keeping pace with modern threats, but instead helping set the new defense standard for how AI-driven defense is done. Unlocking the full potential of advanced AI means that our team can now think faster, adapt quicker, and ship more.