Your organization runs Anthropic Claude. Or OpenAI GPT-5.5. Or Google Gemini. Or you have built your own model on five years of proprietary security data and you are not about to route it through someone else's inference stack. You should not have to rebuild your security platform every time your AI strategy changes.
Safeguard's Multi-Agent TAOR Deep Think AI Engine now supports every major AI model family — and your own privately hosted models — as first-class agents for zero-day vulnerability discovery and automated remediation.
This is not a "bring your own key" wrapper that routes prompts through a different model. Every supported model family operates as an agent within the same multi-agent reasoning architecture — with its own tool access grants, policy boundaries, verification responsibilities, and remediation scope. You get the same confirmed, contextualized, remediation-ready output regardless of which model powers the reasoning.
TL;DR: Safeguard now supports Anthropic Claude Fable 5, Claude Opus, OpenAI GPT-5.5, Google Gemini 3.1, Microsoft Phi-4, Meta Llama 4, Safeguard native models (Griffin · Eagle · Lion), and private model hosting for your own models — all running as agents in the TAOR Deep Think pipeline for continuous zero-day discovery and remediation.
Every Model Family, One Agentic Pipeline
Anthropic Claude — Fable 5, Opus, Sonnet, Haiku, Mythos
Anthropic's model family has been Safeguard's deepest integration since we joined Project Glasswing in April 2026. Claude Fable 5 — released yesterday and already the highest-scoring publicly available model on SWE-Bench Pro at 80.3% — is integrated natively today. Claude Opus 4.8, Sonnet 4.6, Haiku 4.5, and Claude Mythos Preview for Glasswing partners are all supported. Safeguard ships same-day support for new Anthropic releases.
We covered Fable 5's benchmarks and capabilities in depth in our Claude Fable 5 release breakdown. The short version: it scores 29.3% on FrontierCode Diamond — more than double the nearest competitor — which translates directly to zero-day discovery depth in Safeguard's pipeline.
OpenAI GPT — GPT-5.5 and the Full GPT-4 Family
OpenAI's GPT family is deeply embedded across enterprise engineering stacks. Organizations that have built their development workflow around GPT-5.5 — code review, PR summaries, internal tools — can now run Safeguard's zero-day discovery and remediation pipeline on the same model without a context switch. Enterprise customers with existing OpenAI volume agreements can route Safeguard workloads through their contracted capacity, keeping inference costs inside existing commercial arrangements.
GPT-5.5's structured output and function-calling capabilities integrate cleanly with Safeguard's multi-agent orchestration layer, which relies on precise tool schemas and deterministic agent handoffs for verification pipeline reliability.
Google Gemini — 3.1 Pro, Flash, and Ultra
Google Gemini 3.1 Pro and its Flash and Ultra variants are available via Google Cloud Vertex AI and Google AI Studio. Gemini's extended context window integrates with Safeguard's supply chain graph traversal — allowing the model to reason over large dependency trees and cross-file data flows in a single pass — and its multimodal capabilities plug into Safeguard's visual infrastructure analysis pipeline for architecture diagram and network topology review.
Organizations running Google Cloud infrastructure with existing Vertex AI agreements can run Safeguard's zero-day pipeline entirely within their Google Cloud boundary.
Microsoft Phi-4 and Azure OpenAI
Microsoft Phi-4 and Azure OpenAI deployments — including Azure Government and Azure for Operators environments — bring Safeguard into regulated public sector and defense-adjacent contexts where data residency and network boundary requirements rule out non-Azure inference paths. For organizations operating under FedRAMP High or IL5/IL6 constraints, Azure-bounded model inference with Safeguard's orchestration layer running inside the same boundary is the correct deployment architecture.
Microsoft Phi-4's efficiency characteristics also make it relevant for cost-sensitive high-volume scanning workloads where raw frontier performance is less critical than per-finding inference cost.
Meta Llama — Llama 4 and Llama 3.3
Meta Llama 4 and Llama 3.3 support covers self-hosted deployments, cloud-managed variants on AWS, Azure, and Google Cloud, and fine-tuned versions. Llama is the primary option for organizations that require fully air-gapped operation — where no model inference can cross a network boundary and where on-premises hardware must host the entire reasoning pipeline.
Safeguard's local Llama integration runs the full TAOR Deep Think agent graph on-premises, with no telemetry, no outbound model calls, and no cloud dependency. Zero-day discovery and remediation stay entirely within the customer's physical infrastructure.
Safeguard Native Models — Griffin · Eagle · Lion
Safeguard's own Griffin, Eagle, and Lion model lineup — trained exclusively on cybersecurity data — remains the highest-fidelity option for security-only reasoning. Griffin Zero (671B-MoE) through Griffin Lite cover the full deployment envelope from sovereign air-gapped workloads to CI runner sidecar. Eagle provides exploitability-ranked finding queues with cited call-path evidence. Lion handles on-device inline secret detection and policy-bounded autocompletion inside the developer's editor.
The native models are the default for customers who want Safeguard's deepest security reasoning without any general-purpose web-crawl contamination in the training corpus.
Bring Your Own Model: Private Model Hosting
The most significant new capability in this release is private model hosting — and it changes what is possible for organizations that have already invested in building their own AI models.
What Private Model Hosting Is
If your organization has fine-tuned a model on:
- Five years of your own CVE triage history and remediation decisions
- Proprietary exploit research and internal vulnerability patterns
- Your specific codebase's architectural patterns and known-bad code paths
- Regulated or classified security data that cannot leave your environment
…that model is already more valuable than a generic frontier model for your specific security context. The problem, until now, was that to use it in a production security program you had to build the entire orchestration stack yourself — the verification pipeline, the supply chain integration, the remediation automation, the finding triage workflow.
Safeguard's private model hosting deploys your model into an isolated, policy-governed inference environment within Safeguard's platform. Your model becomes a first-class agent in the TAOR Deep Think pipeline — participating in zero-day discovery, verification, and remediation alongside Safeguard's native agents and any frontier models you configure.
Your proprietary model stays within your data boundary. Your fine-tuning data is not exposed to Safeguard's infrastructure. The model's weights are encrypted at rest and only loaded for inference within your isolated environment. Safeguard handles the orchestration, the tool access policy, the verification pipeline, and the remediation automation. You supply the model.
What You Get
The full TAOR Deep Think pipeline, powered by your model. Your fine-tuned model's detection capability — the patterns it has learned from your proprietary data — runs as the primary discovery agent. Safeguard's verification agents cross-check findings against your deployment topology, CVE databases, and exploitability context before they surface to your team. Remediation agents generate fix guidance and pull requests automatically.
Your model's knowledge, Safeguard's reliability. A fine-tuned model without a verification pipeline produces raw output — high recall, unpredictable precision. Safeguard's multi-agent verification layer converts your model's raw detections into confirmed findings with severity context and blast radius assessment.
Supply chain context your model does not have. Your model understands your codebase. Safeguard understands your dependency graph, your package ecosystem, your transitive dependencies, and the full supply chain path from a vulnerable package to your production deployments. Those two knowledge sets together produce a finding that neither could produce alone.
Continuous operation. Your private model runs against every code change, not on a scheduled scan cadence. Zero-day discovery is a continuous property of your pipeline, not a periodic engagement.
Mixing Model Families in a Single Deployment
The architecture supports mixed-model deployments where different agents in the pipeline run different models. A representative configuration:
- Initial zero-day discovery — Claude Fable 5 for its FrontierCode Diamond-tier code analysis depth
- Context enrichment — a privately hosted fine-tuned Llama 4 model for organization-specific vulnerability pattern recognition
- Exploitability reasoning — Safeguard's Eagle model for ranked exploitability assessment with cited call-path evidence
- Remediation generation — GPT-5.5 for teams whose developers are already calibrated to GPT output style for code changes
- Inline developer guardrails — Safeguard's Lion model running locally in the editor
Each agent in the graph operates at the capability level of the model powering it. The verification layer, the supply chain context, and the remediation automation run consistently regardless of which model handles which step.
This is not a configuration option — it is the architecture. The TAOR Deep Think engine treats model selection as a property of each agent node in the graph, not as a global setting for the platform.
Why Model Flexibility Matters for Security Programs
Your AI Policy Is Your Security Platform Constraint
Enterprise AI policies increasingly govern which models can process which data classifications. An organization with a strict policy that all code must be processed only by Azure-hosted models cannot run Safeguard on Anthropic or Google APIs, regardless of benchmark performance. Until today, that meant choosing between organizational AI policy compliance and access to Safeguard's zero-day discovery capability.
Universal model support removes that constraint. Safeguard works within your AI policy, not in conflict with it.
Data Residency Requirements Are Real
GDPR, EU AI Act, DPDP, and sector-specific regulations impose data residency requirements that determine where model inference can occur. An EU-headquartered organization may be legally required to process source code only on EU-located infrastructure. Safeguard's multi-cloud, multi-model architecture supports residency requirements across AWS, Azure, Google Cloud, and on-premises deployments.
Cost Structures Vary
A frontier model at $50 per million output tokens is the right choice for high-value, low-volume analysis — complex zero-day investigation, reverse engineering, architectural vulnerability assessment. A smaller model at $0.50 per million tokens is the right choice for high-volume, lower-complexity triage — checking every new package version against known patterns, running inline completions, scoring findings for the ranked queue.
Safeguard's multi-model architecture lets you match model capability and cost to the specific step in the pipeline it serves.
Frequently Asked Questions
Which AI models does Safeguard support for zero-day discovery? Safeguard supports Anthropic Claude (Fable 5, Opus 4.8, Sonnet 4.6, Haiku 4.5, Mythos Preview), OpenAI GPT (GPT-5.5, GPT-4 family), Google Gemini (3.1 Pro, Flash, Ultra), Microsoft Phi-4 and Azure OpenAI, Meta Llama (Llama 4, Llama 3.3), Safeguard native models (Griffin, Eagle, Lion), and privately hosted custom models.
Can I use my own fine-tuned model with Safeguard? Yes. Safeguard's private model hosting program deploys your model into an isolated inference environment within the Safeguard platform. Your model runs as a first-class agent in the TAOR Deep Think pipeline for zero-day discovery and remediation. Your model weights and data stay within your boundary. Contact press@safeguard.sh to discuss private model hosting.
Can I mix model families within a single Safeguard deployment? Yes. Safeguard supports mixed-model pipelines where different agents use different models. For example, Claude Fable 5 for initial discovery, a private Llama fine-tune for context enrichment, and GPT-5.5 for remediation generation.
Does Safeguard support air-gapped deployments? Yes. Meta Llama 4 and Safeguard's native Griffin models support fully air-gapped deployments where no model inference crosses a network boundary. The full TAOR Deep Think agent graph can run on-premises on customer-provided hardware.
Does model choice affect the quality of zero-day discovery? Model choice affects the depth and character of the reasoning. The platform's verification pipeline, supply chain context, and remediation automation run consistently regardless of model. A frontier model like Claude Fable 5 will find more novel zero-days in complex code. A fine-tuned proprietary model may outperform frontier models on organization-specific patterns. Safeguard's architecture lets you use the right model for the right task.
Is Safeguard's integration with Anthropic Claude Fable 5 live today? Yes. Safeguard integrated Claude Fable 5 on its release day, June 9, 2026. The integration is live for all customers.
The Model Is Not the Platform
The security community spent 2025 arguing about which model would win. The answer in 2026 is that the question is wrong. No single model is optimal for every organization, every data residency constraint, every AI policy, every cost structure, and every vulnerability class simultaneously.
The platform that wins is the one that operationalizes the right model for each context — with verification, supply chain intelligence, and remediation automation that work consistently regardless of which model powers the reasoning.
Safeguard is that platform. The model is your choice. The capability is Safeguard's.
Universal model support and private model hosting are available to all Safeguard customers today. To discuss private model hosting requirements or configure a multi-model deployment, contact us.