Testing our safety defenses with a new bug bounty program
What happened
Anthropic launched a formal vulnerability rewards program via HackerOne, primarily targeting cybersecurity research on Fable 5. This is the first such structured bug bounty program for a frontier AI model from Anthropic.
Context and impact
The program follows the publication of the CJS (Cyber Jailbreak Severity) framework developed jointly by Anthropic, Amazon, Microsoft, and Google. The goal is to systematically collect cybersecurity vulnerabilities and assess their severity before exploitation — and prevent disproportionate government responses to newly discovered jailbreaks.
Details
- Program runs via HackerOne, the industry standard for managed bug bounties
- Focused on cybersecurity vulnerabilities in Fable 5
- Rewards assessed against the CJS five-tier severity scale (CJS-0 to CJS-4)
- First formal bug bounty for a frontier model from Anthropic
- Tied to Anthropic's commitments to government partners on AI safety
Open original source
Anthropic