Why AI ‘harnesses’ matter more than frontier LLMs for cybersecurity
Why AI ‘harnesses’ matter more than frontier LLMs for cybersecurity
https://cyberscoop.com/ai-cybersecurity-harness-autonomous-hacking/
Publish Date: 2026-07-15 11:38:00
Source Domain: cyberscoop.com
As AI-enabled hacking becomes a bigger threat for cybersecurity and national security, public attention has focused on mainly a few leading frontier AI companies developing more powerful large language models.
These models, and the billions of dollars behind them matter, but they’re only part of a larger shift. Enterprises are now building their own technology platforms that take these general-purpose LLMs and turn them into bespoke cybersecurity tools.
Industry professionals refer to these tools as a “harness.” They control the model’s behavior, limit its risks, and connect it to internal IT systems and networks so it can work reliably at scale.
New research from Cato Networks shared exclusively with CyberScoop shows how much power can come from a harness. It paired OpenAI’s ChatGPT 5.5 and GPT 5.5-Cyber models with its own tool and tested the abilities of the agent to hack into a victim network with as little human direction as possible.
Across six different scenarios, the pairing achieved complete end-to-end attack chains, including domain administrator privileges and Active Directory access, sometimes in as little as 40 minutes.
“What was most surprising is that first we saw that it was capable of doing accelerated reasoning and attack, and interacting and doing all this by itself, like doing all of the stages of the attacks,” said Guy Weisel, a tech evangelist at Cato Networks and one of the authors behind the research.
Critically, the most successful scenarios happened when the model was given appropriate operational context from the technical harness developed by Cato Networks.
“It does support that it’s not just about the frontier model,” said Weisel. “We found that [our harness] really helps the reasoning” of the LLM.
An illustration of an agentic AI attack chain and lateral movement within victim networks. (Source: Cato Networks)
The agent was given some – but not abundant – resources to…