Control Is the New Frontier in Security AI

Author

Ondrej Vlcek

On the evening of June 12, 2026, Anthropic's Mythos 5 and Fable 5 went dark. The company took both models down in response to a US government directive, cutting off every customer worldwide without warning.

The lesson was immediate: capability you don't control is capability you can lose.

For most software teams, that is a business continuity problem. But for security teams, it is something more serious. If your security workflows rely on an AI model to detect, triage, remediate, or respond, then access to that model has effectively become part of your security posture. For security leaders, the incident raises an uncomfortable question: how much of their defense stack depends on access that's outside of their control?

Why This Is Bigger Than the Models Themselves

Anthropic received a directive from the US Commerce Department, citing national security authorities, ordering it to suspend access to Mythos 5 and Fable 5 for any foreign national, inside or outside the US. Because enforcing that distinction in real time is operationally difficult, the practical result was a hard shutoff for every customer. Frontier models released only 72 hours earlier disappeared.

The politics are not the point. This is not specific to one directive or one company. Any AI system you use on someone else's terms is exposed to forces you don't control. The government order is just a particularly dramatic illustration of a chronic risk. The same pattern appears when models get deprecated, pricing shifts, or usage policies tighten without notice.

A version of this risk exists in cloud infrastructure and SaaS generally. But AI is different in one important respect: frontier models are quickly becoming strategic assets. History shows that strategic assets attract contention, regulation, and eventually preferential access for those with the most power or geopolitical leverage.

The Frontier Is Moving Down the Stack

In its own statement, Anthropic noted that the cyber reasoning capability the government flagged is not exclusive to Mythos or Fable, and that other widely available models - including OpenAI's GPT-5.5 - can perform similar work. That clarification adds important context to earlier claims about Mythos' exceptional cyber capabilities.

Without speculating about the specific concerns US officials had, Anthropic's updated narrative lines up with what many in security have been seeing for a while: the ability to find new zero-day vulnerabilities in code and produce working exploits is increasingly present across models, including some smaller and open-weight ones. But raw model performance is not the only thing that makes this useful in production. What matters is the system built around the model: the harness that directs it, the context that understands your environment, and the engineering that turns model intelligence into security outcomes at scale.

And now, just as importantly, the architectural decision about where the whole system runs.

Who Controls the Reasoning Layer?

What sets security AI apart now is control. The main question has shifted from "how good is the model?" to "who controls it?"

[Figure: the dependency chain behind API-based security AI]

For an AI-native security system, the model is not just another dependency. It is the reasoning layer that shapes the system's behavior: what it investigates, how it investigates it, why it prioritizes one path over another, when it escalates, when it stops, and how it turns incomplete evidence into action. The harness matters enormously, but in an agentic system, changing or removing the model can change the system's behavior at the deepest level.

That makes architecture a security decision. There is a real difference between a model that runs inside your environment, on infrastructure you govern, and one you reach through an API in someone else's cloud. One gives you operational control while the other can be changed, restricted, or taken away. And for many organizations, it just was, overnight.

The brain of your system should not be outsourced. Control of the model is the new frontier.

Can Models Under Your Control Deliver?

The last question is whether using private models means accepting weaker results. Control only matters if the capability behind it is real. The evidence shows that it is.

In our own work, AISLE has matched frontier models like Mythos on zero-day discovery and, in some cases, surpassed them. We have found and helped fix vulnerabilities in OpenSSL, curl, and FreeBSD that remained present even after the code had previously been scanned by Mythos.

That performance is reflected externally as well. AISLE currently ranks #1 on the UC Berkeley Vulnerability Initiative leaderboard in CVE volume, CWE breadth, and MITRE Top-25 reach. 

Behind that ranking are hundreds of CVEs we've responsibly disclosed across some of the world's most heavily audited open-source codebases, including the Linux kernel, Apache HTTP Server, Elastic Beats, all three major browser engines, and Signal Messenger. Those vulnerabilities were validated by the maintainers who own that code and subsequently fixed in public releases. Beyond the CVEs, the AISLE engine has found thousands of additional vulnerabilities that have already been validated but are either not yet patched or pending CVE assignment.

AISLE: The Security AI You Control

Control is the principle AISLE is built on. AISLE runs frontier-class security AI inside your environment, under your policies, within your data boundaries, and on infrastructure you govern, up to and including fully air-gapped deployments. Your code and your data stay where you put them.

The directive against Anthropic may be debated, narrowed, or reversed, but the lesson is durable. As AI becomes more capable and more central to defense, availability becomes a security property. Capability you access through someone else's control plane can disappear through someone else's decision.

Security must become something organizations can actually own, govern, and run on their own terms. AISLE is defining the category of Sovereign AI Cybersecurity: AI-native defense deployed inside the customer’s environment, under the customer’s control.

Your security program shouldn't be one order away from going dark. If you want to see what sovereign AI security looks like in practice, talk to us.