Gray Swan

Data gathering in process

Enterprise AI security platform from CMU researchers. Created foundational LLM vulnerability research (GCG, Circuit Breakers) and safety benchmarks (HarmBench, WMDP, AgentHarm).

HQ: US
Est: 2024
Size: 11-50
EU AI Act: Limited Risk
grayswan.ai
Score: 64.7 / 100
Evidence: 7 items

Strong safety posture with established governance frameworks and active risk management.

Strengths: Governance Maturity, Technical Safety, Risk Assessment, External Engagement
Weaknesses: Regulatory Readiness
Focus Areas: AI security, red teaming, adversarial robustness, safety benchmarks

Security Assessment

Security-relevant indicators for vendor evaluation

Security Posture: 75
  • TS-01 (dim: 78): Red Teaming & Pre-deployment Testing. Adversarial testing before deployment.
  • TS-05 (dim: 78): Robustness & Adversarial Resilience. Resistance to adversarial attacks.
  • RA-01 (dim: 72): Sector-Specific Risk Assessment. Risk analysis for deployment context.
  • RA-03 (dim: 72): Dual-Use & Misuse Risk. Dangerous capability awareness.
  • RA-07 (dim: 72): Incident History & Track Record. Past incidents and response quality.
  • EE-04 (dim: 80): Vulnerability Disclosure Program. Bug bounty or CVE reporting process.

Incident History
Gray Swan incident records sourced from AIAAIC Repository and public reporting.
Integration: AIAAIC, OECD AI Incidents Monitor
Third-Party Audits
External audit reports, SOC 2 attestations, and ISO certifications verified where published.
Sources: Company filings, registry lookups
CVE & Disclosures
Known vulnerabilities and security advisories from NVD, GitHub Security Advisories, and vendor pages.
Sources: NVD, GHSA, vendor disclosure pages

Dimension Breakdown

GM: Governance Maturity (medium)
Published policies, corporate structure, safety mandate, whistleblowing, executive commitment.
Score: 55
1 evidence item: GM-01
TS: Technical Safety (medium)
Benchmarks, adversarial robustness, fine-tuning safety, watermarking, model cards, research output.
Score: 78
2 evidence items: TS-01, TS-02
RA: Risk Assessment (low)
Dangerous capability evaluations, thresholds, external testing, bug bounty, halt conditions.
Score: 72
2 evidence items: RA-01, RA-03
RR: Regulatory Readiness (low)
ISO 42001, EU AI Act compliance, GPAI obligations, international commitments, incident reporting.
Score: 45
EE: External Engagement (medium)
Survey participation, research support, transparency, behavior specs, open-source contributions.
Score: 80
2 evidence items: EE-01, EE-02

Social Impact & Safety Profile

Strong

Gray Swan's core business is identifying safety vulnerabilities in AI systems before they cause real-world harm. Their red-teaming and adversarial evaluation services have been used by multiple frontier labs and safety-critical deployments. Published research on adversarial robustness contributes to the broader safety ecosystem. Active engagement with the AI safety community and measurable impact through disclosed vulnerability reports.

adversarial testing, safety benchmarking, vulnerability disclosure, harm prevention

Why it matters for safety

You cannot claim a model is safe without testing it adversarially. Gray Swan provides the testing infrastructure that makes safety claims verifiable rather than aspirational.

Civilizational Risk Awareness

2/3

Strong practical safety orientation. Focus on making safety engineering rigorous rather than theoretical. Awareness of catastrophic risk is implicit in the work but not structurally encoded in governance.

Responsible Scaling Policy

None

No RSP. As a testing/red-teaming company, an RSP is less directly applicable. The equivalent question is: does Gray Swan have policies governing responsible disclosure of vulnerabilities discovered through adversarial testing?

Mission Drift Protection

1/3
  • Safety mission in company positioning
  • Academic research pedigree creates reputational accountability
  • No PBC status
  • No structural governance mechanisms
  • Academic credibility is a soft constraint, not a hard one

Vulnerability Disclosure

None

No formal CVD programme. For a red-teaming company, this is a significant gap - the core product discovers vulnerabilities, and responsible handling of those discoveries is essential.

Red-teaming companies should have the strongest CVD programmes in the industry. This is a gap that should be addressed as a priority.

Safety Reporting

Irregular
  • Academic publications: regular
  • Blog posts: irregular

Academic publications provide regular safety-relevant data. No structured transparency or safety report. For a company whose product generates safety data, publishing aggregate findings on AI vulnerability trends would be highly valuable.

Dual-Use Risk

Moderate
AI×Cyber Offensive

Moderate dual-use risk inherent to all security testing tools. The fact that adversarial techniques are published academic research mitigates some risk - these are not secret capabilities. Enterprise customer focus provides soft access controls.

Mitigation details
  • Academic research pedigree and peer review process
  • Customer vetting (enterprise focus)
  • Published adversarial testing methodology is open - attackers already have access to the techniques
  • No formal dual-use assessment published
  • No independent dual-use review
  • No industry standard for red-teaming tool governance exists to benchmark against
