OX now operates with the same offensive reasoning that threat actors use, applied to protection.
OX Security today announced that it has joined Anthropic’s Cyber Verification Program, gaining verified access to the full dual-use capabilities of Claude for defensive security work.
Anthropic recently added real-time safeguards to its most capable models. By default, those safeguards restrict two categories of cybersecurity activity: prohibited use, such as ransomware development or mass data exfiltration, and high-risk dual use – work with genuine defensive purposes that could also be misused, such as vulnerability exploitation and offensive security tooling.
The Cyber Verification Program is the application-based pathway that lets verified defenders lift restrictions on that second category for legitimate work.
For application security, the dual-use line is sharpest. You cannot know whether a vulnerability is real by reading a scanner report. You have to try to exploit it the way an attacker would. That is exactly the work default safeguards tend to block – which is why so much of the industry has settled for long lists of theoretical findings instead of proof.
Verified access sharpens every layer of the OX Platform. OX Agentic Pentester runs continuous adversarial testing, proving what an attacker could actually exploit and routing each verified issue back to the developers who can fix it. OX VibeSec prevents vulnerabilities in AI-generated code before they’re written. OX Code detects and remediates risk across the codebase and supply chain before production. OX Cloud ties runtime exposure back to its origin in code.
“We’re glad to participate in Anthropic’s Cyber Verification Program and contribute to keeping our community safe,” said Neatsun Ziv, CEO and co-founder of OX Security. “It means verified access to Claude’s full capabilities for offensive security work, now integrated across our entire platform – one more powerful tool in our mission to secure software from the moment it’s written to the moment it runs in production.”
The asymmetry this industry has lived with – attackers running AI while defenders waited for permission – has a shorter shelf life today. OX now operates with the same offensive reasoning that threat actors use, applied to protection. The gap is closing. From our side, for once.
