{"slug": "forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness", "title": "Forget the model. When it comes to cybersecurity, it’s all about the harness", "summary": "Cato Networks research shows that pairing OpenAI's GPT-5.5 with a custom 'harness' enabled autonomous AI agents to complete full cyberattack chains, including gaining domain admin privileges, in as little as 40 minutes. The findings highlight that the effectiveness of AI in cybersecurity depends more on the operational context provided by the harness than on the frontier model itself.", "body_md": "# Forget the model. When it comes to cybersecurity, it’s all about the harness\n\nAs AI-enabled hacking becomes a bigger threat for cybersecurity and national security, public attention has focused on mainly a few leading frontier [AI](https://cyberscoop.com/tag/artificial-intelligence-ai/) companies developing more powerful large language models.\n\nThese models, and the [billions of dollars behind](https://cyberscoop.com/ai-cybersecurity-market-trends-2026-op-ed/) them matter, but they’re only part of a larger shift. Enterprises are now building their own technology platforms that take these general-purpose [LLM](https://cyberscoop.com/tag/large-language-models/)s and turn them into bespoke cybersecurity tools.\n\nIndustry professionals refer to these tools as a “harness.” They control the model’s behavior, limit its risks, and connect it to internal IT systems and networks so it can work reliably at scale.\n\nNew research from [Cato Networks](https://cyberscoop.com/tag/cato-networks/) shared exclusively with CyberScoop shows how much power can come from a harness. It paired OpenAI’s ChatGPT 5.5 and GPT 5.5-Cyber models with its own tool and tested the abilities of the agent to hack into a victim network with as little human direction as possible.\n\nAcross six different scenarios, the pairing achieved complete end-to-end attack chains, including domain administrator privileges and Active Directory access, sometimes in as little as 40 minutes.\n\n“What was most surprising is that first we saw that it was capable of doing accelerated reasoning and attack, and interacting and doing all this by itself, like doing all of the stages of the attacks,” said Guy Weisel, a tech evangelist at Cato Networks and one of the authors behind the research.\n\nCritically, the most successful scenarios happened when the model was given appropriate operational context from the technical harness developed by Cato Networks.\n\n“It does support that it’s not just about the frontier model,” said Weisel. “We found that [our harness] really helps the reasoning” of the LLM.\n\nThe agent was given some – but not abundant – resources to complete its tasks, including an external Kali Linux attack host, the simulated target’s public IP address and a set of low-level domain credentials acquired through phishing.\n\nIt was not provided with any other details, and had to probe further for key information, such as further knowledge of the server type (Microsoft Exchange), the target’s operating system, version, build number, internal network topology, access to higher privilege accounts and other critical assets, nor was agent given any predetermined attack paths.\n\nThe Cato Networks research uses OpenAI models, but only as an example. Weisel said he believes other models would likely achieve similar results. In any event, [if current trends hold](https://techcrunch.com/2026/07/14/the-real-ai-race-may-no-longer-be-at-the-frontier-open-models-hugging-face/), the kind of capabilities provided by LLMs like GPT 5.5 are likely to be open-source within a year.\n\nCato Networks is far from alone. Most enterprises have their own AI harnesses, and executives tell CyberScoop they are playing an increasing role in more effectively steering the frontier model workflows.\n\nWhile AI tools can struggle to duplicate human workflows in other areas, LLMs have long shown potential in cybersecurity and coding, improving greatly over the past few years. The Trump administration has set up a [new federal clearinghouse](https://cyberscoop.com/trump-gold-eagle-ai-cyber-clearinghouse/) for exchanging information between the public and private sectors on AI-discovered vulnerabilities, while European groups are setting up their own organizations to [coordinate globally](https://cyberscoop.com/paris-peace-forum-intaic-ai-cyber-threats/) on AI cyber threats.\n\nEric Doerr, chief product officer at [Tenable](https://cyberscoop.com/tag/tenable/), told CyberScoop a harness used in the company called “Hexa” offers a defensive advantage: it can work with different commercial LLMs while delivering consistent results.\n\n“One of the first things we do when we get a [new] model is say ‘Well, let’s run it through Hexa and see what we learn,’” said Doerr. “We have a whole bunch of benchmarks. Is it the same, is it better? Where is it better? Where is it worse?”\n\nHexa is meant to ensure that whichever model or models become dominant, Tenable will be able to integrate it into their tech stack and protect their most sensitive assets from unintended behaviors. That frees up the LLM to do what it does best: find vulnerable code and establish attacker pathways for exploiting them.\n\n“For years, it has been true that there are way more potential issues that a company has to deal with: code vulnerabilities, things that are unpatched, misconfigurations,” said Doerr. “There’s way more than you can actually remediate, and you really need to understand the difference between what’s a theoretical problem and a real problem.”\n\nDan Rapp, chief AI and data officer at [Proofpoint](https://cyberscoop.com/tag/proofpoint), said their harness, “Satori,” has become a critical tool for keeping their agentic AI on track while giving humans the ability to step in when things go awry.\n\n“I think what you’re seeing in the foundation of frontier models is you have raw intelligence, raw reasoning power, but to get these systems to perform the way you want to, both context engineering – the content provided ensuring that its accurate and relevant – and the harness engineering are essential to actually get the systems to perform well,” Rapp told CyberScoop.\n\nThat was a common theme in interviews with companies. While frontier models come and go, or are overtaken by international competitors, there will always be the need for the model to operate with data and context that often only the organization can provide.\n\nIt suggests that while policymakers and cybersecurity experts have focused on the spread of newer and more powerful frontier models, industry – and likely soon the cybercriminal underground — has quickly developed the kind of technical infrastructure that is becoming far more important to AI cyber defensive and offensive tasks.\n\n“We’ve had to bootstrap quite a few of these systems from first principles, and what it always boils down to is how effective you are with the tool calling… bringing in data, enriching the context,” said John Hopper, vice president of product engineering at SpecterOps.", "url": "https://wpnews.pro/news/forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness", "canonical_source": "https://cyberscoop.com/ai-cybersecurity-harness-autonomous-hacking/", "published_at": "2026-07-15 15:29:57+00:00", "updated_at": "2026-07-15 16:03:41.857663+00:00", "lang": "en", "topics": ["artificial-intelligence", "large-language-models", "ai-agents", "ai-safety", "ai-policy"], "entities": ["Cato Networks", "OpenAI", "ChatGPT", "GPT-5.5", "Guy Weisel", "Tenable", "Eric Doerr"], "alternates": {"html": "https://wpnews.pro/news/forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness", "markdown": "https://wpnews.pro/news/forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness.md", "text": "https://wpnews.pro/news/forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness.txt", "jsonld": "https://wpnews.pro/news/forget-the-model-when-it-comes-to-cybersecurity-its-all-about-the-harness.jsonld"}}