Twine Is Anthropic Cyber Verified
Raising the Bar for Trusted AI Identity Operations


TL;DR
Twine is now part of Anthropic's Cyber Verification Program (CVP), which verifies that an organization's use of frontier AI for security work is grounded in defensive objectives.
- For security leaders evaluating AI vendors, that's rare external signal. Most vendors say "trust us." Verification gives you something you can check.
- For Twine customers, Alex's identity security work runs on frontier AI with safeguards at the model layer and Twine's control membrane at the action layer.
- Nothing changes about how you control Alex: human-in-the-loop approvals, per-action autonomy, and audit trails still govern every task.
What Is the Anthropic Cyber Verification Program?
The Anthropic Cyber Verification Program (CVP) is a free, application-based program that verifies organizations whose cybersecurity use of Anthropic's most capable Claude models serves a legitimate defensive purpose. Verified organizations can apply Claude to dual-use security tasks that are blocked by default, such as detailed threat modeling and adversarial simulation, provided the work is grounded in defensive objectives.
The program exists because Anthropic rolled out real-time cyber safeguards on its most capable models. These safeguards automatically detect and block requests that may indicate prohibited or high-risk cybersecurity usage. The same model capabilities that help defenders find and fix weaknesses could help attackers exploit them, so Anthropic blocks the risky categories by default and verifies the organizations that have a legitimate reason to work in them.
The safeguards distinguish two categories of activity:
How the Verification Process Works

- An authorized admin applies on behalf of the organization through Anthropic's Cyber Use Case Form, describing the defensive use case. Verification is tied to a specific organization ID, not to individuals.
- Anthropic reviews the application and aims to return a decision within 2 business days.
- Approved organizations can proceed with legitimate dual-use defensive work. Prohibited activities remain blocked for everyone, verified or not, and Anthropic maintains an appeals process for false positives.
The structure matters as much as the speed. Verification is scoped, revocable, and bounded: it widens what a verified organization can do for defensive purposes without removing the guardrails that keep the most dangerous capabilities locked for everyone.
How the Program Works With Twine
Twine builds AI Digital Employees for enterprise security teams, starting with Alex, our first AI Digital Employee, an IAM expert who joins your team to execute identity work end-to-end: resolving ticket backlogs, improving governance, and strengthening identity security posture.
That work is defensive by definition. But serious identity security work lives close to the dual-use line. Strengthening identity posture means reasoning about how access could be abused: modeling attack paths through entitlements, analyzing how standing privilege gets misused, understanding how orphaned accounts and stale access become entry points. A model that refuses to think about misuse cannot help you defend against it.
It also fits how Twine already thinks about trust. Twine's position has always been that autonomy without control is a non-starter in the enterprise. Every action Alex takes runs through the control membrane: you set the autonomy level per action, approvals are human-in-the-loop by design, and every decision is logged with traceable reasoning. The CVP adds an independent layer underneath that, at the model level. Two layers, two different parties enforcing them:
What This Means for Twine Customers

Layered control
Anthropic's safeguards constrain the model layer. Twine's control membrane constrains the action layer. You keep per-action autonomy settings, human-in-the-loop approvals, and audit trails over everything Alex executes, and the models underneath operate inside independently enforced boundaries.
Continuity of work
Real-time safeguards are designed to stop bad actors, but unverified legitimate work can get caught in them. Verification means Alex's identity security tasks, from attack path analysis to remediation campaigns, are recognized as defensive and can proceed without interruption.
Faster due diligence
AI vendor risk reviews are getting longer, not shorter. CVP verification gives your procurement and risk teams a concrete, checkable data point about how Twine operates, which is more than most AI vendors can put on the table.
Frequently Asked Questions
What is the Anthropic Cyber Verification Program?
It is a free, application-based program from Anthropic that verifies organizations whose cybersecurity use of Claude models has a legitimate defensive purpose. Verified organizations can use Anthropic's most capable models for dual-use security tasks that are blocked by default, such as threat modeling and adversarial simulation.
Does verification mean Anthropic endorses Twine's products?
No. Verification confirms that Twine's use of Anthropic's models is grounded in defensive security objectives. It is not a product endorsement, a partnership announcement, or a security certification.
Does this change how much autonomy Alex has in my environment?
No. Your team still sets the autonomy level for every action through the control membrane, approvals remain human-in-the-loop, and every action is logged with traceable reasoning. The CVP operates at the model layer; your controls operate at the action layer. Both stay in force.
Why do AI model safeguards matter for identity security?
Identity security work overlaps with dual-use territory. Defending against access abuse requires reasoning about how access gets abused: attack paths through entitlements, misuse of standing privilege, exploitation of orphaned accounts. Model safeguards block that reasoning by default for unverified users. Verification lets defensive teams do this work while the highest-risk capabilities stay locked for everyone.
What should I ask other AI vendors about this?
Ask which frontier model providers they build on, whether those providers enforce cyber safeguards, and whether the vendor has been verified for defensive use. The answers tell you a lot about how seriously a vendor treats the dual-use problem.
Trust in agentic AI isn't built with adjectives. It is built with mechanisms you can inspect: who enforces what, at which layer, with what evidence. The Cyber Verification Program adds an independent mechanism at the model layer, and it sits underneath the controls Twine customers already hold at the action layer. That is what progress on AI trust actually looks like: fewer promises, more checkpoints.

