Mondoo has been accepted into Anthropic's Cyber Verification Program (CVP), giving our security research team verified access to Claude's dual-use cyber capabilities, the kind of work that frontier models block by default.
That last part matters, so it's worth being precise about what this is.
The capability that gets blocked by default
To defend a system, you have to understand how it gets attacked. Reasoning about how a vulnerability is actually exploited, modeling attacker behavior, and pressure-testing a control until it breaks is the daily work of serious security research. It also overlaps almost perfectly with the techniques an attacker would use.
Anthropic built real-time safeguards into its most capable Claude models for exactly this reason. Activities like vulnerability exploitation and offensive security tooling sit in what Anthropic calls the "high-risk dual-use" category: legitimate defensive applications, real offensive potential. So they're blocked by default.
The Cyber Verification Program is how Anthropic opens that door for organizations doing legitimate defensive work. It's a free, application-based program for Anthropic's Opus models that lets vetted teams carry out dual-use research with fewer default interruptions, under Anthropic's security, confidentiality, and responsible-use requirements, and scoped to defensive use cases.
Mondoo applied. Mondoo was accepted.
A vetting process, not just an integration
CVP is an application and review process. Anthropic looks at who's applying, what they build, and how they intend to use the access, then grants clearance accordingly. The approval is tied to a specific organization, governed by Anthropic's controls, and scoped to the use cases described.
For anyone evaluating security vendors, that's a useful signal. Clearance from the team that built the model is an independent read on how a company actually operates, a different kind of credential than a marketing claim about "AI-powered" anything.
Why Mondoo needs this access
Mondoo is an Agentic Managed Vulnerability Service and platform. We don't hand customers a longer list of findings and wish them luck. We pair AI agents with a team of security and ITOps experts to run the full remediation loop: discover assets, prioritize by real exploitability and business impact, and drive each fix through to verified resolution, with humans in the loop on every decision.
That model only works if the intelligence feeding it is accurate. And the gap that hurts organizations most is the one between what a scanner flags and what an attacker will actually exploit. Closing that gap means reasoning the way an attacker reasons, not reading a sanitized description of a CVE but working through how it gets weaponized in a real environment.
This is precisely the research that default safeguards interrupt. CVP clearance removes that friction for our internal research team, and it lands in a few concrete places:
- Sharper exploitability analysis. Understanding whether and how a disclosed flaw can be exploited in a realistic environment is what separates a noisy vulnerability feed from an accurate read on risk. Better inputs here mean better prioritization downstream, with fewer false alarms and faster action on the issues that genuinely matter.
- Stronger detection and remediation logic. When our research team can model attacker behavior without artificial limits, the remediation guidance our agents produce reflects actual risk rather than compliance categories.
- Threat models that keep pace. Attacker tooling is evolving quickly, and cheap, capable models are reaching adversaries who won't be slowed by safeguards. CVP gives our team a faster path to keep our research, and our customers' defenses, current.
Importantly, this operates at the research layer. Our customers interact with the Mondoo platform and our managed service, not with the underlying model access. What they see is the output: a shorter exposure window, remediation that can start before a patch is even available, and measurable risk reduction instead of another report.
What it changes for our customers
The Mondoo platform was built to consume exactly this kind of intelligence. Our detections, both native and ingested from tools like Tenable, Rapid7, Qualys, CrowdStrike, SentinelOne, and Microsoft Defender, are matched against a vulnerability intelligence catalog of more than 783,000 known issues and contextualized against each environment. Feeding that pipeline with deeper, better-validated research makes every stage of the loop more accurate, from triage to verified fix.
Our results already reflect an outcomes-first model: a 60% reduction in open vulnerabilities, mean-time-to-remediation under 16 days, and remediation roughly 10x faster than doing it manually, across 300+ customers including Fortune 50 enterprises. CVP clearance is about protecting and sharpening the research engine behind those numbers.
Where this research already ships: AI Skills Check
This isn't abstract. The same attacker-minded research that CVP supports is already showing up in what we deliver, most directly in Mondoo AI Skills Check, our free, agent-agnostic scanner that shows you exactly what an AI agent skill does before you install it.
AI agent skills run with your credentials and file system access. A single malicious one can read SSH keys, exfiltrate environment variables, or quietly install persistence, and the threat is live, not theoretical. Researchers found 1,184 malicious skills on a single registry in the incident now known as ClawHavoc, with no marketplace review catching them. Understanding threats like that means reasoning about prompt injection, credential theft, agent impersonation, and 25+ other attack types the way an attacker would, which is exactly the dual-use research CVP is built to support.
AI Skills Check turns that understanding into something a security team can act on: a CVSS-scored verdict mapped to MITRE ATLAS and aligned to the OWASP LLM Top 10, including a side-by-side comparison of what a skill claims to do versus what it actually does, across Claude Code, Cursor, Windsurf, custom Anthropic SDK agents, and MCP servers. Deeper dual-use research makes that comparison sharper, and we've made the scanner free, because raising the floor on agentic AI security helps every defender, not just our customers.
It's a clear illustration of the loop CVP strengthens: research the offense, ship the defense.
"We didn't apply for CVP because it was available. We applied because the work we do requires it. Mondoo exists to fix vulnerabilities, not just report them, and fixing them well means understanding exactly how an attacker would exploit them. Being cleared by the team that builds the model tells our customers something a press release can't: that the research behind our remediation meets a serious, independently assessed bar. This is one step toward a durable advantage for defenders, and we're just getting started."
Patrick Münch, Co-Founder & CSO, Mondoo
A durable advantage for defenders
Anthropic has framed its goal as building a permanent advantage for defenders over attackers. We share that aim. AI is going to reshape both sides of the security equation, and the organizations that build continuous, automated, remediation-first programs before AI-powered exploitation becomes routine are the ones that will still be standing when it does.
Acceptance into the Cyber Verification Program is a step toward making that advantage real for the teams we serve. We'll share more as the program, and our research, develop.
Want to put this research to work? Scan an AI agent skill for free or get a free security assessment.
