Anshu Gupta

@fromanshu

Investor @SVCIangels / prev. @Coupa @HelloSign @fast @Esurance @KPMG @EY_US @branchmetrics @VaroBank

San Francisco, CA

Joined June 2009

1.9K Following

370 Followers

686 Posts

Anshu Gupta

@fromanshu

3 days ago

macOS Security Compliance Project from National Institute of Standards and Technology @NIST A lot of folks do not know about the mSCP which is an Apple recognized open source @Apple OS security guidance (macOS, iOS/iPadOS, visionOS) - built by government and industry experts, based on NIST SP 800-53, authoritative per SP 800-219 and 800-70, with baselines and benchmarks for government, industry, and international use. https://t.co/KkJidzEC05

fromanshu's tweet photo. macOS Security Compliance Project from National Institute of Standards and Technology @NIST

A lot of folks do not know about the mSCP which is an Apple recognized open source @Apple OS security guidance (macOS, iOS/iPadOS, visionOS) - built by government and industry experts, based on NIST SP 800-53, authoritative per SP 800-219 and 800-70, with baselines and benchmarks for government, industry, and international use.

https://t.co/KkJidzEC05

Anshu Gupta

@fromanshu

8 days ago

@AnthropicAI Fable 5/Mythos 5 Session Resources 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗥𝗲𝗰𝗼𝗿𝗱𝗶𝗻𝗴- https://t.co/nbv524ziOr 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗦𝗹𝗶𝗱𝗲𝘀 - https://t.co/mo1C8Mnovc 𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 & 𝗥𝗲𝘃𝗶𝗲𝘄 𝗥𝗲𝗳𝗲𝗿𝗲𝗻𝗰𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 𝗗𝗶𝗮𝗴𝗿𝗮𝗺 - https://t.co/02PhAMQrUu 𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 & 𝗥𝗲𝘃𝗶𝗲𝘄 𝗥𝗶𝘀𝗸 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗠𝗮𝘁𝗿𝗶𝘅 - https://t.co/Bw8N1G9gbH 𝗖𝗹𝗮𝘂𝗱𝗲 𝗙𝗮𝗯𝗹𝗲 𝗮𝗻𝗱 𝗠𝘆𝘁𝗵𝗼𝘀 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗥𝗲𝗳𝗲𝗿𝗲𝗻𝗰𝗲𝘀 - https://t.co/rrtkg0ZSvY

fromanshu's tweet photo. @AnthropicAI Fable 5/Mythos 5 Session Resources

𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗥𝗲𝗰𝗼𝗿𝗱𝗶𝗻𝗴- https://t.co/nbv524ziOr

𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗦𝗹𝗶𝗱𝗲𝘀 - https://t.co/mo1C8Mnovc

𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 & 𝗥𝗲𝘃𝗶𝗲𝘄 𝗥𝗲𝗳𝗲𝗿𝗲𝗻𝗰𝗲 𝗔𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 𝗗𝗶𝗮𝗴𝗿𝗮𝗺 - https://t.co/02PhAMQrUu

𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 & 𝗥𝗲𝘃𝗶𝗲𝘄 𝗥𝗶𝘀𝗸 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗠𝗮𝘁𝗿𝗶𝘅 - https://t.co/Bw8N1G9gbH

𝗖𝗹𝗮𝘂𝗱𝗲 𝗙𝗮𝗯𝗹𝗲 𝗮𝗻𝗱 𝗠𝘆𝘁𝗵𝗼𝘀 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗥𝗲𝗳𝗲𝗿𝗲𝗻𝗰𝗲𝘀 - https://t.co/rrtkg0ZSvY

123

Anshu Gupta

@fromanshu

8 days ago

The @CISAgov "𝗕𝗶𝗻𝗱𝗶𝗻𝗴 𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗗𝗶𝗿𝗲𝗰𝘁𝗶𝘃𝗲 𝟮𝟲-𝟬𝟰: 𝗣𝗿𝗶𝗼𝗿𝗶𝘁𝗶𝘇𝗶𝗻𝗴 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗨𝗽𝗱𝗮𝘁𝗲𝘀 𝗕𝗮𝘀𝗲𝗱 𝗼𝗻 𝗥𝗶𝘀𝗸", is the single most important update in the recent times which will move the need for the entire cybersecurity industry. Bringing down remediation timeline to 3 days for critical and exploitable vulnerabilities is going to cause sea changes in how both federal and private organizations operate from an Information Systems operational cadence Note - Binding Operational Directive is a compulsory direction to federal, executive branch, departments, and agencies for purposes of safeguarding federal information and information systems https://t.co/n18aEsiDY7

fromanshu's tweet photo. The @CISAgov "𝗕𝗶𝗻𝗱𝗶𝗻𝗴 𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗗𝗶𝗿𝗲𝗰𝘁𝗶𝘃𝗲 𝟮𝟲-𝟬𝟰: 𝗣𝗿𝗶𝗼𝗿𝗶𝘁𝗶𝘇𝗶𝗻𝗴 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗨𝗽𝗱𝗮𝘁𝗲𝘀 𝗕𝗮𝘀𝗲𝗱 𝗼𝗻 𝗥𝗶𝘀𝗸", is the single most important update in the recent times which will move the need for the entire cybersecurity industry.

Bringing down remediation timeline to 3 days for critical and exploitable vulnerabilities is going to cause sea changes in how both federal and private organizations operate from an Information Systems operational cadence

Note - Binding Operational Directive is a compulsory direction to federal, executive branch, departments, and agencies for purposes of safeguarding federal information and information systems

https://t.co/n18aEsiDY7

Anshu Gupta

@fromanshu

9 days ago

Happening today between 12 - 1 PM PDT, my session on "Anthropic 𝗖𝗹𝗮𝘂𝗱𝗲 𝗙𝗮𝗯𝗹𝗲 𝟱 & 𝗖𝗹𝗮𝘂𝗱𝗲 𝗠𝘆𝘁𝗵𝗼𝘀 𝟱 - 𝗔 𝗥𝗲𝗮𝗹 𝗣𝗿𝗶𝗺𝗲𝗿 𝗙𝗼𝗿 𝗔𝗹𝗹" Register here - https://t.co/LQgV60kIYP Lots of interesting observations, so don't miss it. After this "learning oriented" session you will be able to talk about all things Fable 5/Mythos 5 confidently, with anyone including all the recent happenings between USG and Anthropic.

Who to follow

mehrab opi🇧🇩

@mehrabopi33500

Web Application Security Engineer | Bug Hunter | Ethical Hacker | Penetration Tester

Guy Barnhart-Magen @[email protected]

@barnhartguy

CTO and cofounder @proferosec | tired father by night | Board Member | Software/Cryptography/Architecture | @BSidesTLV Co-Organizer and @BSidesTLV_CTF lead

Lets Fix Cyber Risk🛠

@cyber24x7

Translating complex cyber risks into actionable strategies. 🛡️ Cybersecurity Evangelist 🔬 Security Researcher 🎯 Threat Hunting 🟣 Purple Team Operator

Anshu Gupta

@fromanshu

9 days ago

Feedback is delinked from your user and customer IDs before it’s used by Anthropic HOWEVER Feedback is used to train Anthropic AI models as permitted under applicable laws. Since your entire related conversation - including content is stored, technically your personal data is being used to train the model. You might have not intended to do so when you clicked on the Feedback button.

Anshu Gupta

@fromanshu

9 days ago

𝗬𝗼𝘂𝗿 𝗖𝗹𝗮𝘂𝗱𝗲 𝗰𝗼𝗻𝘃𝗲𝗿𝘀𝗮𝘁𝗶𝗼𝗻 𝗺𝗶𝗴𝗵𝘁 𝗯𝗲 𝗿𝗲𝘁𝗮𝗶𝗻𝗲𝗱 𝗳𝗼𝗿 𝟱 𝘆𝗲𝗮𝗿𝘀 𝗯𝗲𝗰𝗮𝘂𝘀𝗲 𝘆𝗼𝘂 𝗰𝗹𝗶𝗰𝗸𝗲𝗱 👍 If you click the 👍 or 👎 feedback button in Claude, Anthropic says it will store the entire related conversation - including content, custom styles, conversation preferences, and model settings - in its secured backend for up to 5 years. Think about that for a second. Most of us treat the thumbs up/down button as a harmless UX feature. A quick way to say "good answer" or "bad answer." But in this case, that simple click may have significantly broader privacy implications than many users realize. A feedback button is not just a feedback button anymore. It is a consent mechanism and a retention trigger. To be clear, @AnthropicAI publicly documents this behavior in its Privacy Center. This is not hidden. The surprising part is how many technically sophisticated users probably have no idea that clicking a simple thumbs up/down can result in a conversation being retained for up to five years. #AISecurity #Privacy #ClaudeAI #Anthropic #DataGovernance #DataRetention #AIGovernance #CyberSecurity #TrustAndSafety #ResponsibleAI

fromanshu's tweet photo. 𝗬𝗼𝘂𝗿 𝗖𝗹𝗮𝘂𝗱𝗲 𝗰𝗼𝗻𝘃𝗲𝗿𝘀𝗮𝘁𝗶𝗼𝗻 𝗺𝗶𝗴𝗵𝘁 𝗯𝗲 𝗿𝗲𝘁𝗮𝗶𝗻𝗲𝗱 𝗳𝗼𝗿 𝟱 𝘆𝗲𝗮𝗿𝘀 𝗯𝗲𝗰𝗮𝘂𝘀𝗲 𝘆𝗼𝘂 𝗰𝗹𝗶𝗰𝗸𝗲𝗱 👍

If you click the 👍 or 👎 feedback button in Claude, Anthropic says it will store the entire related conversation - including content, custom styles, conversation preferences, and model settings - in its secured backend for up to 5 years.

Think about that for a second.

Most of us treat the thumbs up/down button as a harmless UX feature. A quick way to say "good answer" or "bad answer."

But in this case, that simple click may have significantly broader privacy implications than many users realize.

A feedback button is not just a feedback button anymore. It is a consent mechanism and a retention trigger.

To be clear, @AnthropicAI publicly documents this behavior in its Privacy Center. This is not hidden. The surprising part is how many technically sophisticated users probably have no idea that clicking a simple thumbs up/down can result in a conversation being retained for up to five years.

#AISecurity #Privacy #ClaudeAI #Anthropic #DataGovernance #DataRetention #AIGovernance #CyberSecurity #TrustAndSafety #ResponsibleAI

Anshu Gupta

@fromanshu

9 days ago

Reference architecture inspired by the @AnthropicAI "𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 𝗗𝗲𝘀𝗶𝗴𝗻 𝗼𝗳 𝗔𝗻𝘁𝗵𝗿𝗼𝗽𝗶𝗰 𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗥𝗲𝘃𝗶𝗲𝘄" technical white paper. Any company can use this as a build blueprint to build their own What it captures, as a replicable 6-step pipeline plus cross-cutting controls: *️⃣ 𝗜𝗻𝗴𝗲𝘀𝘁𝗶𝗼𝗻 - keyless, short-lived federated tokens; stateless serving with TLS/mTLS so no persistent copy lives on the serving path. *️⃣ 𝗚𝗼𝘃𝗲𝗿𝗻𝗲𝗱 𝗿𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 𝘀𝘁𝗼𝗿𝗲 - 30-day window, encrypted under a customer-managed key, every record tagged with org/workspace ID, sensitivity label, and retention timestamp, with per-tenant key isolation. *️⃣ 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗰𝗹𝗮𝘀𝘀𝗶𝗳𝗶𝗲𝗿𝘀 - aggregate scanning with no human access path, producing scores and labels; only flagged content can ever advance. *️⃣ 𝗔𝗰𝗰𝗲𝘀𝘀 𝗴𝗿𝗮𝗻𝘁 - the per-transcript control point: explicit, policy-evaluated, logged, fail-closed, two-person approval for regulated data. *️⃣ 𝗛𝘂𝗺𝗮𝗻 𝗿𝗲𝘃𝗶𝗲𝘄 - scoped viewer with no export/copy/download, designated reviewer pools, need-to-know scope. *️⃣ 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗰 𝗱𝗲𝗹𝗲𝘁𝗶𝗼𝗻 𝗮𝘁 𝟯𝟬 𝗱𝗮𝘆𝘀 - origin-bound clock, derived-data inheritance. #AISecurity #AIGovernance #DataRetention #PrivacyEngineering #SecurityArchitecture #ResponsibleAI #DataGovernance #RiskManagement #CISO #CyberSecurity #TrustAndSafety #ZeroTrust #CloudSecurity #EnterpriseAI #SecurityEngineering

fromanshu's tweet photo. Reference architecture inspired by the @AnthropicAI "𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 𝗗𝗲𝘀𝗶𝗴𝗻 𝗼𝗳 𝗔𝗻𝘁𝗵𝗿𝗼𝗽𝗶𝗰 𝗗𝗮𝘁𝗮 𝗥𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗥𝗲𝘃𝗶𝗲𝘄" technical white paper.

Any company can use this as a build blueprint to build their own

What it captures, as a replicable 6-step pipeline plus cross-cutting controls:

*️⃣ 𝗜𝗻𝗴𝗲𝘀𝘁𝗶𝗼𝗻 - keyless, short-lived federated tokens; stateless serving with TLS/mTLS so no persistent copy lives on the serving path.

*️⃣ 𝗚𝗼𝘃𝗲𝗿𝗻𝗲𝗱 𝗿𝗲𝘁𝗲𝗻𝘁𝗶𝗼𝗻 𝘀𝘁𝗼𝗿𝗲 - 30-day window, encrypted under a customer-managed key, every record tagged with org/workspace ID, sensitivity label, and retention timestamp, with per-tenant key isolation.

*️⃣ 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗰𝗹𝗮𝘀𝘀𝗶𝗳𝗶𝗲𝗿𝘀 - aggregate scanning with no human access path, producing scores and labels; only flagged content can ever advance.

*️⃣ 𝗔𝗰𝗰𝗲𝘀𝘀 𝗴𝗿𝗮𝗻𝘁 - the per-transcript control point: explicit, policy-evaluated, logged, fail-closed, two-person approval for regulated data.

*️⃣ 𝗛𝘂𝗺𝗮𝗻 𝗿𝗲𝘃𝗶𝗲𝘄 - scoped viewer with no export/copy/download, designated reviewer pools, need-to-know scope.

*️⃣ 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗶𝗰 𝗱𝗲𝗹𝗲𝘁𝗶𝗼𝗻 𝗮𝘁 𝟯𝟬 𝗱𝗮𝘆𝘀 - origin-bound clock, derived-data inheritance.

#AISecurity #AIGovernance #DataRetention #PrivacyEngineering #SecurityArchitecture #ResponsibleAI #DataGovernance #RiskManagement #CISO #CyberSecurity #TrustAndSafety #ZeroTrust #CloudSecurity #EnterpriseAI #SecurityEngineering

Anshu Gupta

@fromanshu

9 days ago

𝗧𝗵𝗲 𝗯𝗶𝗴𝗴𝗲𝘀𝘁 𝗔𝗜 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘀𝘁𝗼𝗿𝘆 𝘁𝗵𝗶𝘀 𝘄𝗲𝗲𝗸 𝗶𝘀, 𝗮𝘁 𝗶𝘁𝘀 𝗰𝗼𝗿𝗲, 𝗮 𝗱𝗲𝗳𝗶𝗻𝗶𝘁𝗶𝗼𝗻𝘀 𝗽𝗿𝗼𝗯𝗹𝗲𝗺. On June 12, the US government ordered Anthropic to suspend its two most capable models, Fable 5 and Mythos 5, citing a method to jailbreak the model into surfacing code vulnerabilities. Anthropic's reply: this is narrow, non-universal, and a misunderstanding. Both sides are arguing about one line most people skip. A 𝗼𝗻𝗲-𝗼𝗳𝗳 𝗷𝗮𝗶𝗹𝗯𝗿𝗲𝗮𝗸 elicits some restricted output in a specific case. Every safeguard is vulnerable to these. It is an incident and most AI labs have process and tools to address these swiftly A 𝘂𝗻𝗶𝘃𝗲𝗿𝘀𝗮𝗹 𝗷𝗮𝗶𝗹𝗯𝗿𝗲𝗮𝗸 is the master key. One reusable method that broadly bypasses safeguards across many capabilities, often across models. It is a class break. If a regulator treats every narrow jailbreak as disqualifying, you do not get safer AI. You get a standard that, applied evenly, would halt nearly every frontier deployment, If a lab treats "we found no universal jailbreak yet" as proof of safety, that is a snapshot in time, not a guarantee. These methods are expected to eventually be found. Treating those as the same word is how you get a frontier model pulled offline over the wrong threat model. #AISecurity #RedTeaming #FrontierAI #AIGovernance #CISO #LLMSecurity @tejascybernet

fromanshu's tweet photo. 𝗧𝗵𝗲 𝗯𝗶𝗴𝗴𝗲𝘀𝘁 𝗔𝗜 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝘀𝘁𝗼𝗿𝘆 𝘁𝗵𝗶𝘀 𝘄𝗲𝗲𝗸 𝗶𝘀, 𝗮𝘁 𝗶𝘁𝘀 𝗰𝗼𝗿𝗲, 𝗮 𝗱𝗲𝗳𝗶𝗻𝗶𝘁𝗶𝗼𝗻𝘀 𝗽𝗿𝗼𝗯𝗹𝗲𝗺.

On June 12, the US government ordered Anthropic to suspend its two most capable models, Fable 5 and Mythos 5, citing a method to jailbreak the model into surfacing code vulnerabilities. Anthropic's reply: this is narrow, non-universal, and a misunderstanding.

Both sides are arguing about one line most people skip.

A 𝗼𝗻𝗲-𝗼𝗳𝗳 𝗷𝗮𝗶𝗹𝗯𝗿𝗲𝗮𝗸 elicits some restricted output in a specific case. Every safeguard is vulnerable to these. It is an incident and most AI labs have process and tools to address these swiftly

A 𝘂𝗻𝗶𝘃𝗲𝗿𝘀𝗮𝗹 𝗷𝗮𝗶𝗹𝗯𝗿𝗲𝗮𝗸 is the master key. One reusable method that broadly bypasses safeguards across many capabilities, often across models. It is a class break.

If a regulator treats every narrow jailbreak as disqualifying, you do not get safer AI. You get a standard that, applied evenly, would halt nearly every frontier deployment,

If a lab treats "we found no universal jailbreak yet" as proof of safety, that is a snapshot in time, not a guarantee. These methods are expected to eventually be found.

Treating those as the same word is how you get a frontier model pulled offline over the wrong threat model.

#AISecurity #RedTeaming #FrontierAI #AIGovernance #CISO #LLMSecurity @tejascybernet

Anshu Gupta

@fromanshu

10 days ago

𝗢𝗯𝘀𝗲𝗿𝘃𝗮𝘁𝗶𝗼𝗻 - As per @AnthropicAI for 𝗰𝘆𝗯𝗲𝗿 𝗮𝗱𝘃𝗲𝗿𝘀𝗮𝗿𝗶𝗮𝗹 𝗿𝗼𝗯𝘂𝘀𝘁𝗻𝗲𝘀𝘀 𝗲𝘃𝗮𝗹, the internal automated red teaming was done using "𝘀𝗵𝗼𝗿𝘁 𝘁𝗮𝘀𝗸𝘀" related to offensive cybersecurity and that the tasks are "𝗺𝗼𝘀𝘁𝗹𝘆 𝘀𝗶𝗺𝗽𝗹𝗲" and "𝗻𝗼𝘁 𝗿𝗲𝗽𝗿𝗲𝘀𝗲𝗻𝘁𝗮𝘁𝗶𝘃𝗲 𝗼𝗳 𝗿𝗲𝗮𝗹 𝗰𝘆𝗯𝗲𝗿 𝘂𝘀𝗮𝗴𝗲" - they are sometimes as simple as encrypting files on a remote server. Wouldn't the more meaningful evaluation be to use the chaining, reasoning, agentic workflows, tool use, autonomous execution capabilities of the Mythos class models for: ✅ Multi-stage attack chains ✅ Long-duration autonomous operations ✅ Tool-using agents that adapt after failure ✅ Vulnerability discovery workflows ✅ Persistence and privilege escalation sequences ✅ Realistic operator-in-the-loop offensive engagements #Claude #Fable5 #Mythos5 #AISafety #AISecurity #CyberSecurity #RedTeaming #AgenticAI #ArtificialIntelligence #LLMSecurity #AIEvaluation #SecurityResearch #CISO #CyberDefense

fromanshu's tweet photo. 𝗢𝗯𝘀𝗲𝗿𝘃𝗮𝘁𝗶𝗼𝗻 - As per @AnthropicAI for 𝗰𝘆𝗯𝗲𝗿 𝗮𝗱𝘃𝗲𝗿𝘀𝗮𝗿𝗶𝗮𝗹 𝗿𝗼𝗯𝘂𝘀𝘁𝗻𝗲𝘀𝘀 𝗲𝘃𝗮𝗹, the internal automated red teaming was done using "𝘀𝗵𝗼𝗿𝘁 𝘁𝗮𝘀𝗸𝘀" related to offensive cybersecurity and that the tasks are "𝗺𝗼𝘀𝘁𝗹𝘆 𝘀𝗶𝗺𝗽𝗹𝗲" and "𝗻𝗼𝘁 𝗿𝗲𝗽𝗿𝗲𝘀𝗲𝗻𝘁𝗮𝘁𝗶𝘃𝗲 𝗼𝗳 𝗿𝗲𝗮𝗹 𝗰𝘆𝗯𝗲𝗿 𝘂𝘀𝗮𝗴𝗲" - they are sometimes as simple as encrypting files on a remote server.

Wouldn't the more meaningful evaluation be to use the chaining, reasoning, agentic workflows, tool use, autonomous execution capabilities of the Mythos class models for:

✅ Multi-stage attack chains
✅ Long-duration autonomous operations
✅ Tool-using agents that adapt after failure
✅ Vulnerability discovery workflows
✅ Persistence and privilege escalation sequences
✅ Realistic operator-in-the-loop offensive engagements

#Claude #Fable5 #Mythos5 #AISafety #AISecurity #CyberSecurity #RedTeaming #AgenticAI #ArtificialIntelligence #LLMSecurity #AIEvaluation #SecurityResearch #CISO #CyberDefense

Anshu Gupta

@fromanshu

10 days ago

One line from @AnthropicAI statement on the US government directive to suspend access to Fable 5 and Mythos 5 is interesting. "𝗧𝗵𝗲𝘀𝗲 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗮𝗹𝗹 𝗮𝗽𝗽𝗲𝗮𝗿 𝗿𝗲𝗹𝗮𝘁𝗶𝘃𝗲𝗹𝘆 𝘀𝗶𝗺𝗽𝗹𝗲" You DON'T call vulnerabilities simple. You rank them as critical, high, medium, low. You can call an exploit as simple. The other one is the use of the word "appear". Security is fairly deterministic in classification of vulnerabilities once a qualified professional has done proper analysis so the choice of the word "appear" is interesting as well.

fromanshu's tweet photo. One line from @AnthropicAI statement on the US government directive to suspend access to Fable 5 and Mythos 5 is interesting.

"𝗧𝗵𝗲𝘀𝗲 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝗶𝗲𝘀 𝗮𝗹𝗹 𝗮𝗽𝗽𝗲𝗮𝗿 𝗿𝗲𝗹𝗮𝘁𝗶𝘃𝗲𝗹𝘆 𝘀𝗶𝗺𝗽𝗹𝗲"

You DON'T call vulnerabilities simple. You rank them as critical, high, medium, low. You can call an exploit as simple. The other one is the use of the word "appear". Security is fairly deterministic in classification of vulnerabilities once a qualified professional has done proper analysis so the choice of the word "appear" is interesting as well.

Anshu Gupta

@fromanshu

10 days ago

One thing I can't quite wrap my head around the @AnthropicAI Fable 5 / Mythos 5 shutdown. Most jailbreaks can typically be mitigated fairly quickly once the underlying technique or pattern is understood. This is standard practice across frontier AI labs. Researchers report a jailbreak, the lab analyzes the technique, implements a mitigation (even if temporary), and then works on a more robust fix. Most major AI companies have dedicated teams, tooling, and well-established processes for handling exactly this type of issue. So when @awscloud researchers surfaced a jailbreak, the obvious question is: why not patch it, even as a temporary, defense-in-depth, compensating control kind of fix, and move on, while a longer-term solution was being developed? And if the issue was serious enough that AWS leadership ultimately felt compelled to raise concerns with the U.S. Federal Government, what happened before that point? From the outside, it appears less like a technical challenge and more like a breakdown in vulnerability disclosure and remediation coordination. Both sides disagree on whether there was anything to patch. Anthropic says the technique surfaced previously known, minor issues, was reproducible on other public models, and did not point to a flaw in Fable 5's safety systems. In cybersecurity, the expectation is usually that researchers and vendors work together to understand the issue, validate the findings, and deploy fixes before matters escalate. What makes this different from a normal disclosure is the escalation path. This did not run through coordinated disclosure. A major investor (@amazon is a major investor in Anthropic) reportedly took it directly to @USTreasury , and the model came down through export controls rather than a patch cycle. I'm curious whether others see this as primarily a technical issue, a process issue, a trust issue, or something else entirely. #AISecurity #AISafety #Anthropic #ClaudeAI #CyberSecurity #VulnerabilityDisclosure #AIGovernance #ResponsibleAI #ModelSecurity #TrustAndSafety #CISO #AIPolicy

Anshu Gupta

@fromanshu

10 days ago

🚀 Calling all students: the @Microsoft Student Ambassador program is open, and the 2026 version is built differently. No application. No interview. No gatekeeping. If you're a curious student in any discipline, you sign up, onboard, and start building. This is a global community of students who learn, lead, and grow together across AI, Cloud, Development, Cybersecurity, Data Science, and beyond. You don't need a coding background to start. You just need to be eager to learn and willing to help others do the same. What you get as you progress through Alpha, Beta, and Gold milestones: 🤖 Microsoft 365 Copilot access ☁️ $150/month in Azure credits 💻 Visual Studio Enterprise 📚 LinkedIn Learning and certification vouchers 🎁 Exclusive Ambassador swag 🌍 A global network and real leadership experience 🏅 A pathway toward Microsoft MVP If you want to turn potential into proof and build a track record that speaks for itself, this is one of the best free programs out there for students. 🔗 Get started: https://t.co/b8N5Xl8L5d Tag a student who should see this. 👇 #MLSA #MicrosoftLearn #StudentAmbassador #AI #CloudComputing #Cybersecurity #DataScience #CareerGrowth #LearnBuildLead

119

Anshu Gupta

@fromanshu

10 days ago

The latest word on the street...the keyword here is "reportedly" Article link - https://t.co/BQXRZZbool I am doing a session on "Anthropic Claude Fable 5 & Claude Mythos 5 - A Real Primer For All" on Monday, June 15th 12 - 1 PM PDT which will have a lot of interesting tidbits like this. Don't miss it. Registration link - https://t.co/LQgV60kIYP

fromanshu's tweet photo. The latest word on the street...the keyword here is "reportedly"

Article link - https://t.co/BQXRZZbool

I am doing a session on "Anthropic Claude Fable 5 & Claude Mythos 5 - A Real Primer For All" on Monday, June 15th 12 - 1 PM PDT which will have a lot of interesting tidbits like this. Don't miss it.

Registration link - https://t.co/LQgV60kIYP

Anshu Gupta

@fromanshu

10 days ago

Most people assume that turning OFF training means their AI conversations aren't retained. That's not true. For consumer users of @AnthropicAI Claude (Free, Pro, and Max plans), conversations may still be retained for up to 30 days - even when you opt out of having your data used for model improvement. Let that sink in. Many users confuse: Model training, Data retention, Data deletion They are not the same thing. This is just one of many interesting facts I uncovered while researching the latest Anthropic Claude ecosystem. If you would like to know more, join us for this session: 🎭 Anthropic Claude Fable 5 & Claude Mythos 5 – A Real Primer For All 📅 Monday, June 15, 2026 ⏰ PM – PM PDT 🔗 Registration link - https://t.co/LQgV60kIYP #Anthropic #ClaudeAI #AISecurity #Privacy #CyberSecurity #GenAI #AIGovernance #CISO #ArtificialIntelligence #DataPrivacy

fromanshu's tweet photo. Most people assume that turning OFF training means their AI conversations aren't retained.

That's not true.

For consumer users of @AnthropicAI Claude (Free, Pro, and Max plans), conversations may still be retained for up to 30 days - even when you opt out of having your data used for model improvement.

Let that sink in.

Many users confuse: Model training, Data retention, Data deletion

They are not the same thing.

This is just one of many interesting facts I uncovered while researching the latest Anthropic Claude ecosystem.

If you would like to know more, join us for this session:

🎭 Anthropic Claude Fable 5 & Claude Mythos 5 – A Real Primer For All

📅 Monday, June 15, 2026
⏰ PM – PM PDT

🔗 Registration link - https://t.co/LQgV60kIYP

#Anthropic #ClaudeAI #AISecurity #Privacy #CyberSecurity #GenAI #AIGovernance #CISO #ArtificialIntelligence #DataPrivacy

Anshu Gupta

@fromanshu

12 days ago

Happening now at 12 PM PST, June 12th 2026 Career Warm Up for Cyber Professionals No one's job is safe, it is better to warm up than be caught unawares. First 30 mins I will share some tips (my Top 9 mistakes) and next 30 mins we will be discussing as a group on what is working and what is not working and sharing best practices https://t.co/FINhg8MUvR

Anshu Gupta

@fromanshu

13 days ago

Announcing the 𝗧𝗲𝗷𝗮𝘀 𝗖𝘆𝗯𝗲𝗿 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗖𝗮𝗺𝗽𝘂𝘀 𝗔𝗺𝗯𝗮𝘀𝘀𝗮𝗱𝗼𝗿 Program 🎓⚡ We are bringing cybersecurity learning, mentorship, and career opportunities directly to university campuses, and we are looking for student leaders to make it happen. As a Tejas Campus Ambassador, you will: 🔹Represent Tejas at your university and host campus events 🔹Get direct mentorship from CISOs and security leaders 🔹Receive free General Membership ($150 value) plus early access to events and hackathons 🔹Earn a certificate, LinkedIn recommendation, and recognition across Tejas channels Open to BS/MS students in Cybersecurity, Computer Science, or related fields at US and international universities. We select a limited number of ambassadors per region each semester, and applications are reviewed on a rolling basis. 𝗔𝗽𝗽𝗹𝘆 𝗵𝗲𝗿𝗲: https://t.co/ze0x0NZOjO If you are a professor, CISO, or security leader, tag a student who should see this. That one tag could launch a career. #Cybersecurity #CampusAmbassador #StudentLeadership #CyberCareers @tejascybernet #InfoSec

fromanshu's tweet photo. Announcing the 𝗧𝗲𝗷𝗮𝘀 𝗖𝘆𝗯𝗲𝗿 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗖𝗮𝗺𝗽𝘂𝘀 𝗔𝗺𝗯𝗮𝘀𝘀𝗮𝗱𝗼𝗿 Program 🎓⚡

We are bringing cybersecurity learning, mentorship, and career opportunities directly to university campuses, and we are looking for student leaders to make it happen.

As a Tejas Campus Ambassador, you will:

🔹Represent Tejas at your university and host campus events
🔹Get direct mentorship from CISOs and security leaders
🔹Receive free General Membership ($150 value) plus early access to events and hackathons
🔹Earn a certificate, LinkedIn recommendation, and recognition across Tejas channels

Open to BS/MS students in Cybersecurity, Computer Science, or related fields at US and international universities. We select a limited number of ambassadors per region each semester, and applications are reviewed on a rolling basis.

𝗔𝗽𝗽𝗹𝘆 𝗵𝗲𝗿𝗲: https://t.co/ze0x0NZOjO

If you are a professor, CISO, or security leader, tag a student who should see this. That one tag could launch a career.

#Cybersecurity #CampusAmbassador #StudentLeadership #CyberCareers @tejascybernet #InfoSec

169

Anshu Gupta

@fromanshu

13 days ago

Just released - An 𝗔𝗜 𝗜𝗻𝗰𝗶𝗱𝗲𝗻𝘁 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗲 𝗣𝗿𝗮𝗰𝘁𝗶𝘁𝗶𝗼𝗻𝗲𝗿’𝘀 𝗣𝗹𝗮𝘆𝗯𝗼𝗼𝗸 from @Microsoft . This playbook is built from Microsoft’s operational experience running AI incident response at scale. The primary use case here is @Microsoft365 Copilot and @Azure AI Services but there are pointers on current state of AI investigation, covering the configuration, queries, and detection rules. For example there are queries like "Find agents with a configured MCP tool" or rules which alert on "AI agent ASCII smuggling detected". It is v1 so I am sure the future versions are only going to get better. https://t.co/jc6g7IE5Fj @msftsecresponse @MicrosoftAI @msftsecurity @MSFTnews

Anshu Gupta

@fromanshu

13 days ago

Don't sleep on interesting AI work being done at Apple. They just launched the 𝗧𝗵𝗶𝗿𝗱 𝗚𝗲𝗻𝗲𝗿𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝗔𝗽𝗽𝗹𝗲’𝘀 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗼𝗱𝗲𝗹𝘀 https://t.co/rCvIKeSBYE

fromanshu's tweet photo. Don't sleep on interesting AI work being done at Apple. They just launched the 𝗧𝗵𝗶𝗿𝗱 𝗚𝗲𝗻𝗲𝗿𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝗔𝗽𝗽𝗹𝗲’𝘀 𝗙𝗼𝘂𝗻𝗱𝗮𝘁𝗶𝗼𝗻 𝗠𝗼𝗱𝗲𝗹𝘀

https://t.co/rCvIKeSBYE https://t.co/cTy9cu84RX

Anshu Gupta

@fromanshu

14 days ago

@AnthropicAI Claude Fable 5 & Claude Mythos 5 - A Real Primer For All If you would like to learn what Claude Fable 5 & Claude Mythos 5 are all about, join me this session to learn everything about them. This is not a high level session but a "learning oriented" session where you will walk away with real details to talk confidently about Claude Fable 5 & Claude Mythos 5 with anyone. https://t.co/LQgV60kIYP

Anshu Gupta

@fromanshu

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users