Anthropic’s launch yesterday of Claude Fable 5 and Mythos 5 has drawn feedback from the trade each praising the fashions and discussing how greatest to safe them for the AI period.
Fable 5 is Anthropic’s frontier mannequin with safety safeguards, whereas Mythos 5 has some guardrails eliminated.
Good for autonomous testing work
In an announcement, CodeRabbit wrote: “We noticed that throughout a number of coding tasks we used to check the mannequin’s capabilities. We might give Fable 5 imprecise prompts and nonetheless get full tasks fairly than prototype shells. It additionally discovered answer paths that felt much less apparent, together with approaches that earlier mannequin opinions struggled to achieve with out extra hand-holding.”
CodeRabbit famous, although, that that type of habits exhibits up as a value, because it discovered that Fable 5 saved working till the harness stopped it. So the mannequin feels succesful, however is pricey and gradual in agent workflows that wouldn’t have robust harnesses to chop them off.
It additional recommends that you simply not swap every part to Fable 5, however to make use of it to discover, plan and construct — particularly the place autonomy is the product — however preserve the present reviewer in place.
Fashions pair innovation, resilience
Anthony Grieco, SVP, chief safety and belief officer at Cisco, mentioned organizations wrestle with safety cycles that don’t preserve tempo with modifications in new fashions, those who “pair innovation with resilience” will probably be greatest positioned for achievement. AI-generated code.
Cisco — an early tester of each Anthropic and OpenAi fashions — mentioned Anthropic’s releases yesterday align with its mission of giving enterprises the AI instruments to get sooner responses and improved resilience, together with the technique and infrastructure to leverage these instruments.
“The tempo of frontier AI improvement is altering the safety panorama in actual time, and defenders can’t afford to attend for the mud to settle,” Grieco mentioned. “Whether or not the mannequin is Claude Mythos 5, Claude Fable 5, GPT-5.5-Cyber, or the following breakthrough, the problem is not simply entry to superior AI, however how organizations operationalize it with the appropriate harness, infrastructure, and agentic logic to show velocity into readability and motion.
“Which means persevering with to spend money on the basics that by no means go old-fashioned: patching, MFA, segmentation, and Zero Belief,” he added. “AI will increase the ceiling for what defenders can do, however safety resilience stays the inspiration that determines whether or not these positive aspects translate into actual safety.”
No downsides to public launch
Whereas many within the trade bemoaned the truth that Anthropic took a restricted rollout strategy to the fashions, Roger Grimes, CISO advisor at cybersecurity firm KnowBe4, mentioned there are not any downsides to creating Fable 5 publicly out there. “The earlier the band-aid is ripped off, the earlier the defender lifecycle kicks in and helps us,” he wrote in an announcement.
“Concerning whether or not cybercriminals will get entry to those instruments sooner: no, probably not,” he mentioned within the assertion. “Criminals have been utilizing AI to search out vulnerabilities, code exploits, and code malware since final yr. Actually, studying about Mythos put a renewed, extra intense push on utilizing AI to search out vulnerabilities and exploit them, but it surely wasn’t prefer it hasn’t been what the elite cybercriminals haven’t been doing for a yr already … Heck, I noticed related non-AI variations of Mythos being utilized by nation-states and enormous purple groups over a decade in the past. They had been fairly good then, however now AI-enabled, they’re supercharged. The one factor Mythos considerably modified was how shortly the defenders would get these instruments. Certain, it accelerated and helped attackers, however they didn’t want the push. Defenders wanted the larger wake-up name.”
Grimes went on to say that he expects to see a spike in discovered and exploited vulnerabilities over the following 2-3 years, however then purposes will turn into safer.
He has three issues that CIOs and CTOs want to concentrate on:
-
Vulnerabilities and nil days will explode over the following few years and be exploited sooner and extra efficiently
-
Defenders have to run the identical AI-methods to search out and repair vulnerabilities earlier than the attackers do
-
Patching must be completed sooner…with defenders maybe re-examining their present threat acceptance, and probably patching sooner with out testing.
Safety by Design, not a ‘safety armageddon’
In the meantime, Charles Guillemet, CTO at blockchain safety firm Ledger, mentioned “safety by design is the one layer that makes infrastructure proof against cyber vulnerability. That features formal verification, utilizing {hardware} primarily based safe enclaves.”
In a LinkedIn submit, Guilllemet cautioned in opposition to concern that exploited vulnerabilities in massive numbers will result in a safety armageddon. “Mythos is, at its core, Opus 4.xx with reinforcement studying specialised on offensive safety,” he wrote. “Attackers have had functionally equal functionality for months. The proof is within the telemetry: a tidal wave of in-the-wild exploitation, and the worth of stolen entry on darkish markets has by no means been decrease. We’re barely scratching the floor. Nothing is safe anymore and that received’t change anytime quickly.
That’s not altering. On the identical time people and organizations stay gradual to replace their software program stacks. Safety was once a cat and mouse sport. Now, everybody could be a cat.”
He added his perception that safety is basically absent from the broader AI agent dialog, and organizations are gradual to replace their software program stacks. “Safety,” he mentioned, “was once a cat and mouse sport. Now, everybody could be a cat.”
