Anthropic has officially implemented the AI Safety Level 3 (ASL-3) Deployment and Security Standards alongside the launch of its latest AI model, Claude Opus 4. These enhanced security measures are designed to strengthen protections against misuse and unauthorized access, particularly focusing on preventing the development or acquisition of chemical, biological, radiological, and nuclear (CBRN) weapons through AI misuse.

What does ASL-3 mean for Claude Opus 4?

The ASL-3 Security Standard introduces stricter internal controls to safeguard the model’s core intelligence — its weights — making theft significantly more difficult. Deployment standards at this level target a narrow range of risky uses, specifically aiming to limit AI assistance in dangerous CBRN workflows without broadly restricting legitimate queries. While Claude Opus 4 is deployed with these protections as a precaution, Anthropic has yet to conclusively determine if the model’s capabilities definitively require ASL-3 measures.

Challenges in Assessing AI Risks

Evaluating the dangerous capabilities of advanced AI models is complex and time-consuming. As models grow more capable, it becomes increasingly challenging to accurately gauge risks. By proactively adopting ASL-3 standards, Anthropic aims to streamline future deployments and enhance its defensive measures through ongoing refinement based on real-world experience.

Key ASL-3 Deployment Measures

Anthropic’s deployment approach to ASL-3 focuses on preventing AI misuse in highly sensitive areas related to CBRN weapons. The company has adopted a three-pronged strategy.

• Hardening Against Jailbreaks: Using Constitutional Classifiers, the system actively monitors inputs and outputs in real-time to block harmful requests.
• Detecting Jailbreak Attempts: A bug bounty program and extensive monitoring help identify attempts to bypass safeguards.
• Iterative Defense Improvements: The company continuously refines its defenses using synthetic data and updated classifiers to respond to emerging threats.

These measures focus specifically on blocking complex, workflow-enhancing misuse while allowing standard information queries to proceed with minimal disruption.

Strengthened Security Controls to Protect Model Integrity

Security efforts prioritize preventing unauthorized access to model weights — the critical components that define AI intelligence. Over 100 security controls are in place, including two-party authorization and software allowlisting, aimed at thwarting sophisticated attackers.

A standout innovation is the implementation of egress bandwidth controls, which limit the flow of data leaving secure environments. This approach leverages the large size of model weights to detect and block unusual data transfers, providing a significant security advantage against data exfiltration attempts.

Moving Forward with Vigilance and Collaboration

Anthropic acknowledges that determining appropriate safety measures for frontier AI is an ongoing process. The company plans to continuously refine ASL-3 standards based on practical experience and evolving threats. Collaboration with industry partners, governments, and civil society remains a priority to enhance AI safety universally.