This week in AI security: a governance document and a patch count.
OpenAI released its Frontier Governance Framework on May 29. It's a formal document mapping their safety practices to the EU AI Act and California's TFAIA. The framework covers four risk domains — cyber offense, CBRN threats, harmful manipulation, and loss of control — and defines "systemic risk" as more than 50 fatalities or $1 billion in damage from a single incident.
The most interesting part: OpenAI rates a "Tier 3" cyber risk as a model that can autonomously find and develop zero-day exploits in hardened real-world systems. They're publishing their own definitions of how dangerous their models can get. That's a proactive compliance move ahead of incoming regulation.
Anthropic went in a different direction. Claude Security hit public beta for Enterprise customers on May 22, using Opus 4.7 for code vulnerability scanning and auto-patching.
Results after three weeks: 2,100+ vulnerabilities patched.
Partners embedded in the product: CrowdStrike, Palo Alto Networks, SentinelOne, Trend.ai, Wiz. Service partners deploying it: Accenture, BCG, Deloitte, Infosys, PwC.
And behind Claude Security: Project Glasswing, where Claude Mythos Preview has found 10,000+ high-severity bugs across critical software. Mozilla Firefox alone: 271 vulnerabilities, 10x more than an older Claude model found in the same codebase.
The contrast is the story.
OpenAI is building the governance layer — the framework enterprises need to get legal and compliance sign-off. Anthropic is building the tool and publishing the receipts — the patch counts and partner names that engineering teams care about.
Both matter. Enterprise AI security buyers need both. The question is which builds more durable advantage.
The full Mythos release is expected in the coming weeks. When a model purpose-built for vulnerability discovery ships publicly, this space gets a lot more contested.
That's the week. AI in security has moved from research to deployment — with numbers to prove it.
