Today we release the first output from AISI's Strategic Awareness team 🚀 To track AI progress, we map key limitations of current systems: performance limitations on certain task types, insufficient reliability, insufficient adaptability, and low capacity for original insights 🧵

Appreciate Ken McCallum, head of MI5's kind words about @AISecurityInst

We’ve conducted the largest investigation of data poisoning to date with @AnthropicAI and @turinginst. Our results show that as little as 250 malicious documents can be used to “poison” a language model, even as model size and training data grow 🧵

@AlexandraSouly @AnthropicAI @turinginst Our team is hiring! Much more to do here and in other areas.

A tremendous amount of careful work went into testing this--particular shoutout to @AlexandraSouly who approached this with her usual clarity & rigour. And fun to collaborate with @AnthropicAI and @turinginst!

Very excited this paper is out. We find that the number of samples required for backdoor poisoning during pre-training stays near-constant as you scale up data/model size. Much more research to do to understand & mitigate this risk!

👇👇👇

My friends, today I am excited to announce AI Sequrity (@aisequrity). Our mission is to provide developers and enterprises a painless and stress-free deployment of AI that is secure by design. You heard this right. You can deploy your AI agents and get guaranteed security. The

@dwarkesh_sp Most people misunderstand books as data for pertaining when it’s more a set of prompts for synthetic data generation.

I'll be mentoring for this - consider applying if you want to work with me on scalable oversight, AI control or CoT monitoring (or with one of many other awesome mentors)!

Today I’m launching @Irregular (formerly Pattern Labs) with my friend and co-founder Omer Nevo: Irregular is the first frontier security lab. Our mission: protect the world in the era of increasingly capable and sophisticated AI systems.

More in the OAI blog post: https://t.co/oKFcmQdvqo They are also excellent collaborators:

Ben and team are extremely good—e.g. check out their cool work w OpenAI!

AISI’s blog: https://t.co/pRXyjhddAd AISI’s post:

~2 years ago @alxndrdavies pitched me, in a room overlooking Big Ben, on why AISI needed a team to independently assess frontier AI safeguards, not just dangerous capability evals. The team he’s built since is world-leading. Great to have these collabs public.

This team at UK AISI was incredible at discovering jailbreaking techniques for our prototype defenses. Their attacks helped us to make some critical decisions and achieve the robustness that we did for mitigating CBRN risks on Opus 4. They’re now hiring!

Our safeguards for bio risk and agentic deployments were stress-tested by the US CAISI and UK AISI & we iterated together towards ever higher robustness and reliability: https://t.co/gT1fM3L264

It's been great to collaborate with Xander and other at UK AISI and CAISI to strength our jailbreak defences!

If you want to join a six-person red team in the heart of government, we're hiring and so are other teams at AISI! More info: Anthropic blog: https://t.co/voNNtWv2Qk OAI blog: https://t.co/oKFcmQdvqo AISI careers: https://t.co/e51h4ctDnj 6/6

These collaborations strengthen safeguards of widely used systems by drawing from relevant gov expertise, and also keep governments informed. I'm particularly excited that much of this work was done jointly with US CAISI, who have been strong technical collaborators. 5/6