Lyrie.ai Wants A Piece Of CrowdStrike’s $90B Empire: Inside The First Batch Of Anthropic’s CVP
AI agents are reading executive email at Fortune 500 companies. They are moving stablecoins between corporate treasury wallets. They are closing six-figure procurement contracts on behalf of teams that have never seen the agent. They have been doing this for eighteen months, ever since Anthropic shipped Computer Use in October 2024 and OpenAI released Operator three months later. None of them have a verifiable identity. None of them have scoped authority that can be cryptographically verified. None of them can be revoked.
Dubai-based OTT Cybersecurity LLC, the company behind Lyrie.ai, today made three coordinated announcements that describe the security layer the agentic era has been operating without: a real-time zero-day disclosure system live across global enterprise infrastructure, acceptance into the first batch of Anthropic’s Cyber Verification Program (CVP), and the public release of the Agent Trust Protocol (ATP), an open cryptographic standard for AI agent identity, scope, attestation, delegation, and revocation.
The data underneath the announcement is what makes it land. Flashpoint research shows the average time-to-exploit, the window between a vulnerability being disclosed and being exploited in the wild, has collapsed from 745 days in 2020 to 44 days in 2025. VulnCheck found that 32 percent of known exploited vulnerabilities in the first half of 2025 had evidence of exploitation on or before the day the CVE was published. Google’s Threat Intelligence Group tracked 90 zero-day exploitations across 2025, up 15 percent year over year.
Mandiant’s M-Trends 2025 report puts exploit-driven intrusions as the number-one initial access vector for the fifth consecutive year, responsible for 33 percent of all investigated breaches. IBM’s Cost of a Data Breach report puts the global average at $4.88 million. Lyrie’s pitch is that autonomous research can compress disclosure-to-notification from days into hours, which would flip the structural advantage from attackers back to defenders for the first time in a decade.
The bundle is what makes Lyrie an unusual cybersecurity company. The industry has run on two distinct operating models for twenty years. Mandiant defined the threat-intelligence pattern: customers pay for visibility into active campaigns and staff their own response teams. CrowdStrike defined the endpoint pattern: customers install an agent that watches their fleet and triggers automated response. Wiz extended the endpoint template to cloud workloads. Each generational platform shift has produced one breakout vendor in each pattern, and the two patterns have stayed separate at the buyer-relationship level for two decades.
The agentic AI era is the first platform shift where the two could collapse into a single vendor, because autonomous-agent-to-autonomous-agent traffic at machine speed needs real-time intelligence and identity controls inside the same runtime. Lyrie is positioning to be that vendor.
Founder and CEO Guy Sheetrit’s framing is direct:
AI security is not a product category that sits alongside AI infrastructure. It is the layer AI runs on top of.
Cybersecurity vendor formation has historically run along a Tel Aviv to San Francisco axis, and Dubai-founded operators are rare in the category. OTT Cybersecurity’s choice of base is consistent with the UAE’s broader positioning as a regulator-friendly AI hub, anchored by the Ministry of AI established in 2017 and the Technology Innovation Institute in Abu Dhabi that produced the Falcon LLM family. For the buyers Lyrie’s pitch is aimed at, sovereign wealth managers, central bank IT teams, infrastructure operators in regulated industries, a vendor headquartered inside a recognized AI-regulatory jurisdiction is structurally easier to procure than one running out of an unregulated startup district, specifically for AI and cybersecurity.
THE ZERO-DAY GAP THE INDUSTRY HAS NOT CLOSED
The structural problem Lyrie is targeting is one of the most well-documented failures in modern cybersecurity. Vulnerabilities are routinely exploited in the wild for days, weeks, or months before affected organizations are notified, and the gap is widening rather than closing. Flashpoint research finds that the average time-to-exploit, the window between a vulnerability’s disclosure and its first observed exploitation, has collapsed from 745 days in 2020 to just 44 days in 2025. VulnCheck data is starker still: 32.1 percent of known exploited vulnerabilities in the first half of 2025 had evidence of exploitation on or before the day the CVE identifier was published. Google’s Threat Intelligence Group tracked 90 zero-day exploitations in 2025, a 15 percent increase year over year, with 48 percent targeting enterprise technologies.
The numbers underneath those figures matter for context. IBM puts the global average cost of a data breach at $4.88 million. Mandiant’s M-Trends 2025 report finds that exploit-driven intrusions were the number-one initial access vector for the fifth consecutive year, responsible for 33 percent of all investigated intrusions. Organizations take an average of 60 to 150 days to deploy a critical patch. The window between disclosure and exploitation is now shorter than the window between exploitation and remediation, which means the structural advantage sits with the attacker by default.
Lyrie’s response to this gap is an autonomous threat intelligence engine that continuously monitors global infrastructure, open-source repositories, API surfaces, and agent-to-agent communication channels to identify zero-day vulnerabilities as they emerge. When a zero-day is confirmed, the system generates a disclosure package that includes proof-of-concept analysis, impact assessment, and remediation guidance for affected organizations. In verified cases tracked by the company, affected organizations have received patch packages and remediation guidance from Lyrie’s team within hours of discovery, not after public disclosure. The mechanical claim is that compressing time-to-notification from days into hours flips the structural advantage back toward defenders for the first time in a decade.
WHAT THE ANTHROPIC CVP ACCEPTANCE SIGNALS
The second milestone, acceptance into the first batch of Anthropic’s Cyber Verification Program, is the institutional validation layer for the technical claim. The CVP is Anthropic’s framework for verifying legitimate dual-use cybersecurity operators, the security professionals whose work involves the same offensive techniques and tooling that are blocked by default on Claude for safety reasons. Inclusion in the program unlocks access to dual-use capabilities for verified security researchers while preserving the safety controls that apply to general users.
Being in the first batch matters more than being in a later cohort. Anthropic’s CVP is the most visible attempt by a frontier AI lab to formalize the boundary between security research and weapon-style misuse of AI. The vendors selected first are the ones Anthropic is willing to publicly associate with the legitimate dual-use category, which has implications well beyond the immediate technical permissions. It positions Lyrie as a reference point for what verified AI-era cybersecurity looks like, in a category where the rules are still being written.
THE AGENT TRUST PROTOCOL BET
The third milestone is the systemic bet. Enterprises and governments are deploying autonomous AI agents at unprecedented speed: agents that read email, write code, move money, sign contracts, and act on behalf of human operators. The security model for those agents has not existed at enterprise scale. Every AI agent operating online today is, in Sheetrit’s framing, a stranger. The system on the receiving end does not know who the agent is, what it has been authorized to do, or whether it or its instructions have been tampered with.
The Agent Trust Protocol is Lyrie’s bet on becoming the foundational identity layer that closes that gap. ATP is an open cryptographic standard, royalty-free, MIT-licensed, with the reference implementation published at github.com/OTT-Cybersecurity-LLC/lyrie-ai. The protocol lets any system verify, in real time, five attributes of an AI agent: who the agent is, what it is authorized to do, whether it or its instructions have been tampered with, who delegated its authority, and whether that authority has been revoked. The protocol is slated for submission to the Internet Engineering Task Force (IETF) as part of a path toward becoming an internet standard.
The architectural parallel is exact. TLS standardized encrypted communication for the web. OAuth standardized delegated authorization for APIs. ATP is being positioned as the equivalent standard for autonomous AI agents acting on a user’s behalf. The agentic AI era is creating the same kind of foundational identity problem that the web faced in the early 2000s, and the protocol that becomes the answer will define the security stack for the next decade.
WHY THE TIMING MATTERS
The three milestones are reinforcing rather than separate. The real-time zero-day tracking is the defensive product. The CVP acceptance is the credibility frame. ATP is the protocol bet that turns the company into infrastructure rather than a tool. Read together, they describe a company positioning to be picked by enterprise security teams who need both AI-native vulnerability research and AI-agent identity verification in the same vendor relationship.
The competitive context makes the sequencing interesting. The traditional cybersecurity stack, Mandiant, CrowdStrike, Palo Alto Networks, Wiz, was built for an internet where humans triggered actions and machines verified them. The next generation of the stack has to handle an internet where AI agents trigger actions on behalf of humans, and where the verification has to happen at machine speed. Lyrie’s bet is that the company that ships both halves of that problem first, the offensive research engine and the open identity protocol, wins disproportionate ground in the category that replaces the current EDR plus identity-provider duopoly.
THE PATH TO CATEGORY LEADERSHIP
The cybersecurity leaders of each generation share a pattern. They ship the foundational infrastructure layer that the new platform actually needs, they earn institutional credibility through verifiable third-party validation, and they release at least one open standard that the rest of the ecosystem adopts. CrowdStrike did this through Falcon, FedRAMP authorization, and the open-source OpenEDR initiative. Wiz did it through CNAPP, FedRAMP High, and contributions to open cloud security standards. Lyrie is now shipping the equivalent three motions in a single quarter.
The first motion is the foundational product. The real-time zero-day tracking system is the AI-native equivalent of the threat intelligence and EDR layers that made CrowdStrike and SentinelOne category leaders. The structural advantage is that Lyrie’s engine runs at machine speed against an attack surface that includes the agent-to-agent communication channels no incumbent vendor monitors today. The companies that will buy first are the CISO offices at Tier-1 banks, healthcare networks, and critical-infrastructure operators, where compressing time-to-notification from days into hours translates directly into avoided breach costs at the $4.88 million average the IBM Cost of a Data Breach report tracks. Lyrie has verified case-study examples of this disclosure cadence already; the institutional reference releases will follow.
The second motion is the institutional credential. Anthropic’s Cyber Verification Program is the first formal framework from a frontier AI lab that distinguishes legitimate dual-use cybersecurity operators from misuse cases. Being in the first batch establishes Lyrie as a reference point for what verified AI-era cybersecurity looks like, and the cohort effect compounds as parallel programs launch at OpenAI, Google DeepMind, Meta, and Microsoft over the next twelve months. Vendors in the founding cohort across multiple labs become the de facto category leaders for AI-native security, in the same way that early FedRAMP authorizations turned a small set of vendors into the public-sector cybersecurity defaults.
The third motion is the open standard. The Agent Trust Protocol is the bet that compounds across the entire agentic AI ecosystem, not just Lyrie’s product surface. ATP is open, royalty-free, MIT-licensed, with the reference implementation already public and the IETF submission path defined. The architectural parallel is clean. TLS standardized encrypted communication for the web. OAuth standardized delegated authorization for APIs. ATP is positioned to be the equivalent for autonomous AI agents acting on a user’s behalf. The agent surfaces that adopt it first will define the standard for the next decade: OpenAI’s Operator, Anthropic’s Computer Use, Google’s Agent Payments Protocol stack, the Model Context Protocol server ecosystem, LangChain, and the Microsoft Foundry agent runtime are the platforms whose integration converts a vendor protocol into an internet standard.
Read together, the three motions describe a company moving on the same timeline that produced the cybersecurity leaders of the last two platform shifts. The agentic AI era will produce its own category-defining security company. Lyrie has positioned to be that company, and the institutional validation arriving in the first wave is the leading indicator that the positioning is being read correctly by the players who will determine the outcome.
The cybersecurity stack of the next decade is not a question of whether one company defines it. It is a question of which company gets there first. Lyrie’s three milestones, taken together, are the strongest single-quarter move any vendor has made toward that position in the category’s short history.
Don’t forget to like and share the story!
:::tip
HackerNoon has reviewed the report for quality, but the claims, opinions and analysis herein belong to the author. This author is an independent contributor publishing via our business blogging program. #DYOR
:::
