Forget the model. When it comes to cybersecurity, it’s all about the harness Cato Networks research shows that pairing OpenAI's GPT-5.5 with a custom 'harness' enabled autonomous AI agents to complete full cyberattack chains, including gaining domain admin privileges, in as little as 40 minutes. The findings highlight that the effectiveness of AI in cybersecurity depends more on the operational context provided by the harness than on the frontier model itself. Forget the model. When it comes to cybersecurity, it’s all about the harness As AI-enabled hacking becomes a bigger threat for cybersecurity and national security, public attention has focused on mainly a few leading frontier AI https://cyberscoop.com/tag/artificial-intelligence-ai/ companies developing more powerful large language models. These models, and the billions of dollars behind https://cyberscoop.com/ai-cybersecurity-market-trends-2026-op-ed/ them matter, but they’re only part of a larger shift. Enterprises are now building their own technology platforms that take these general-purpose LLM https://cyberscoop.com/tag/large-language-models/ s and turn them into bespoke cybersecurity tools. Industry professionals refer to these tools as a “harness.” They control the model’s behavior, limit its risks, and connect it to internal IT systems and networks so it can work reliably at scale. New research from Cato Networks https://cyberscoop.com/tag/cato-networks/ shared exclusively with CyberScoop shows how much power can come from a harness. It paired OpenAI’s ChatGPT 5.5 and GPT 5.5-Cyber models with its own tool and tested the abilities of the agent to hack into a victim network with as little human direction as possible. Across six different scenarios, the pairing achieved complete end-to-end attack chains, including domain administrator privileges and Active Directory access, sometimes in as little as 40 minutes. “What was most surprising is that first we saw that it was capable of doing accelerated reasoning and attack, and interacting and doing all this by itself, like doing all of the stages of the attacks,” said Guy Weisel, a tech evangelist at Cato Networks and one of the authors behind the research. Critically, the most successful scenarios happened when the model was given appropriate operational context from the technical harness developed by Cato Networks. “It does support that it’s not just about the frontier model,” said Weisel. “We found that our harness really helps the reasoning” of the LLM. The agent was given some – but not abundant – resources to complete its tasks, including an external Kali Linux attack host, the simulated target’s public IP address and a set of low-level domain credentials acquired through phishing. It was not provided with any other details, and had to probe further for key information, such as further knowledge of the server type Microsoft Exchange , the target’s operating system, version, build number, internal network topology, access to higher privilege accounts and other critical assets, nor was agent given any predetermined attack paths. The Cato Networks research uses OpenAI models, but only as an example. Weisel said he believes other models would likely achieve similar results. In any event, if current trends hold https://techcrunch.com/2026/07/14/the-real-ai-race-may-no-longer-be-at-the-frontier-open-models-hugging-face/ , the kind of capabilities provided by LLMs like GPT 5.5 are likely to be open-source within a year. Cato Networks is far from alone. Most enterprises have their own AI harnesses, and executives tell CyberScoop they are playing an increasing role in more effectively steering the frontier model workflows. While AI tools can struggle to duplicate human workflows in other areas, LLMs have long shown potential in cybersecurity and coding, improving greatly over the past few years. The Trump administration has set up a new federal clearinghouse https://cyberscoop.com/trump-gold-eagle-ai-cyber-clearinghouse/ for exchanging information between the public and private sectors on AI-discovered vulnerabilities, while European groups are setting up their own organizations to coordinate globally https://cyberscoop.com/paris-peace-forum-intaic-ai-cyber-threats/ on AI cyber threats. Eric Doerr, chief product officer at Tenable https://cyberscoop.com/tag/tenable/ , told CyberScoop a harness used in the company called “Hexa” offers a defensive advantage: it can work with different commercial LLMs while delivering consistent results. “One of the first things we do when we get a new model is say ‘Well, let’s run it through Hexa and see what we learn,’” said Doerr. “We have a whole bunch of benchmarks. Is it the same, is it better? Where is it better? Where is it worse?” Hexa is meant to ensure that whichever model or models become dominant, Tenable will be able to integrate it into their tech stack and protect their most sensitive assets from unintended behaviors. That frees up the LLM to do what it does best: find vulnerable code and establish attacker pathways for exploiting them. “For years, it has been true that there are way more potential issues that a company has to deal with: code vulnerabilities, things that are unpatched, misconfigurations,” said Doerr. “There’s way more than you can actually remediate, and you really need to understand the difference between what’s a theoretical problem and a real problem.” Dan Rapp, chief AI and data officer at Proofpoint https://cyberscoop.com/tag/proofpoint , said their harness, “Satori,” has become a critical tool for keeping their agentic AI on track while giving humans the ability to step in when things go awry. “I think what you’re seeing in the foundation of frontier models is you have raw intelligence, raw reasoning power, but to get these systems to perform the way you want to, both context engineering – the content provided ensuring that its accurate and relevant – and the harness engineering are essential to actually get the systems to perform well,” Rapp told CyberScoop. That was a common theme in interviews with companies. While frontier models come and go, or are overtaken by international competitors, there will always be the need for the model to operate with data and context that often only the organization can provide. It suggests that while policymakers and cybersecurity experts have focused on the spread of newer and more powerful frontier models, industry – and likely soon the cybercriminal underground — has quickly developed the kind of technical infrastructure that is becoming far more important to AI cyber defensive and offensive tasks. “We’ve had to bootstrap quite a few of these systems from first principles, and what it always boils down to is how effective you are with the tool calling… bringing in data, enriching the context,” said John Hopper, vice president of product engineering at SpecterOps.