Anthropic’s launch yesterday of Claude Fable 5 and Mythos 5 has drawn feedback from the trade each praising the fashions and discussing how finest to safe them for the AI period.
Fable 5 is Anthropic’s frontier mannequin with safety safeguards, whereas Mythos 5 has some guardrails eliminated.
Good for autonomous testing work
In a press release, CodeRabbit wrote: “We noticed that throughout a number of coding initiatives we used to check the mannequin’s capabilities. We may give Fable 5 imprecise prompts and nonetheless get full initiatives reasonably than prototype shells. It additionally discovered answer paths that felt much less apparent, together with approaches that earlier mannequin evaluations struggled to achieve with out extra hand-holding.”
CodeRabbit famous, although, that that sort of habits exhibits up as a value, because it discovered that Fable 5 saved working till the harness stopped it. So the mannequin feels succesful, however is pricey and sluggish in agent workflows that should not have robust harnesses to chop them off.
It additional recommends that you just not swap all the things to Fable 5, however to make use of it to discover, plan and construct — particularly the place autonomy is the product — however maintain the present reviewer in place.
Fashions pair innovation, resilience
Anthony Grieco, SVP, chief safety and belief officer at Cisco, stated organizations wrestle with safety cycles that don’t maintain tempo with modifications in new fashions, those who “pair innovation with resilience” might be finest positioned for achievement. AI-generated code.
Cisco — an early tester of each Anthropic and OpenAi fashions — stated Anthropic’s releases yesterday align with its mission of giving enterprises the AI instruments to get quicker responses and improved resilience, together with the technique and infrastructure to leverage these instruments.
“The tempo of frontier AI growth is altering the safety panorama in actual time, and defenders can’t afford to attend for the mud to settle,” Grieco stated. “Whether or not the mannequin is Claude Mythos 5, Claude Fable 5, GPT-5.5-Cyber, or the subsequent breakthrough, the problem is not simply entry to superior AI, however how organizations operationalize it with the correct harness, infrastructure, and agentic logic to show pace into readability and motion.
“Meaning persevering with to spend money on the basics that by no means go outdated: patching, MFA, segmentation, and Zero Belief,” he added. “AI will elevate the ceiling for what defenders can do, however safety resilience stays the inspiration that determines whether or not these good points translate into actual safety.”
No downsides to public launch
Whereas many within the trade bemoaned the truth that Anthropic took a restricted rollout strategy to the fashions, Roger Grimes, CISO advisor at cybersecurity firm KnowBe4, stated there aren’t any downsides to creating Fable 5 publicly out there. “The earlier the band-aid is ripped off, the earlier the defender lifecycle kicks in and helps us,” he wrote in a press release.
“Relating to whether or not cybercriminals will get entry to those instruments quicker: no, not likely,” he stated within the assertion. “Criminals have been utilizing AI to seek out vulnerabilities, code exploits, and code malware since final yr. Actually, studying about Mythos put a renewed, extra intense push on utilizing AI to seek out vulnerabilities and exploit them, nevertheless it wasn’t prefer it hasn’t been what the elite cybercriminals haven’t been doing for a yr already … Heck, I noticed comparable non-AI variations of Mythos being utilized by nation-states and huge purple groups over a decade in the past. They had been fairly good then, however now AI-enabled, they’re supercharged. The one factor Mythos considerably modified was how rapidly the defenders would get these instruments. Positive, it accelerated and helped attackers, however they didn’t want the push. Defenders wanted the larger wake-up name.”
Grimes went on to say that he expects to see a spike in discovered and exploited vulnerabilities over the subsequent 2-3 years, however then purposes will grow to be safer.
He has three issues that CIOs and CTOs want to pay attention to:
-
Vulnerabilities and 0 days will explode over the subsequent few years and be exploited quicker and extra efficiently
-
Defenders must run the identical AI-methods to seek out and repair vulnerabilities earlier than the attackers do
-
Patching must be completed quicker…with defenders maybe re-examining their present danger acceptance, and doubtlessly patching quicker with out testing.
Safety by Design, not a ‘safety armageddon’
In the meantime, Charles Guillemet, CTO at blockchain safety firm Ledger, stated “safety by design is the one layer that makes infrastructure proof against cyber vulnerability. That features formal verification, utilizing {hardware} primarily based safe enclaves.”
In a LinkedIn put up, Guilllemet cautioned towards concern that exploited vulnerabilities in massive numbers will result in a safety armageddon. “Mythos is, at its core, Opus 4.xx with reinforcement studying specialised on offensive safety,” he wrote. “Attackers have had functionally equal functionality for months. The proof is within the telemetry: a tidal wave of in-the-wild exploitation, and the worth of stolen entry on darkish markets has by no means been decrease. We’re barely scratching the floor. Nothing is safe anymore and that gained’t change anytime quickly.
That’s not altering. On the similar time people and organizations stay sluggish to replace their software program stacks. Safety was a cat and mouse recreation. Now, everybody could be a cat.”
He added his perception that safety is essentially absent from the broader AI agent dialog, and organizations are sluggish to replace their software program stacks. “Safety,” he stated, “was a cat and mouse recreation. Now, everybody could be a cat.”
