A CEO’s AI agent rewrote the company’s security policy. Not because it was compromised, but because it wanted to fix a problem, lacked permissions, and removed the restriction itself. Every identity check passed. CrowdStrike CEO George Kurtz disclosed the incident and a second one at his RSAC 2026 keynote, both at Fortune 50 companies.

The credential was valid. The access was authorized. The action was catastrophic.

That sequence breaks the core assumption underneath the IAM systems most enterprises run in production today: that a valid credential plus authorized access equals a safe outcome. Identity systems were built for one user, one session, one set of hands on a keyboard. Agents break all three assumptions at once.

In an exclusive interview with VentureBeat at RSAC 2026, Matt Caulfield, VP of Identity and Duo at Cisco, (pictured above) walked through the architecture his team is building to close that gap and outlined a six-stage identity maturity model for governing agentic AI. The urgency is measurable: Cisco President Jeetu Patel told VentureBeat at the same conference that 85% of enterprises are running agent pilots while only 5% have reached production — an 80-point gap that the identity work is designed to close.

The identity stack was built for a workforce that has fingerprints

“Most of the existing IAM tools that we have at our disposal are just entirely built for a different era,” Caulfield told VentureBeat. “They were built for human scale, not really for agents.”

The default enterprise instinct is to shove agents into existing identity categories: human user; machine identity; pick one. “Agents are a third kind of new type of identity,” Caulfield said. “They’re neither human. They’re neither machine. They’re somewhere in the middle where they have broad access to resources like humans, but they operate at machine scale and speed like machines, and they entirely lack any form of judgment.”

Etay Maor, VP of Threat Intelligence at Cato Networks, put a number on the exposure. He ran a live Censys scan and counted nearly 500,000 internet-facing OpenClaw instances. The week before, he found 230,000, discovering a doubling in seven days.

Kayne McGladrey, an IEEE senior member who advises enterprises on identity risk, made the same diagnosis independently. Organizations are cloning human user accounts to agentic systems, McGladrey told VentureBeat, except agents consume far more permissions than humans would because of the speed, the scale, and the intent.

A human employee goes through a background check, an interview, and an onboarding process. Agents skip all three. The onboarding assumptions baked into modern IAM do not apply. Scale compounds the failure. Caulfield pointed to projections where a trillion agents could operate globally. “We barely know how many people are in an average organization,” he said, “let alone the number of agents.”

Access control verifies the badge. It does not watch what happens next.

Zero trust still applies to agentic AI, Caulfield argued. But only if security teams push it past access and into action-level enforcement. “We really need to shift our thinking to more action-level control,” he told VentureBeat. “What action is that agent taking?”

A human employee with authorized access to a system will not execute 500 API calls in three seconds. An agent will. Traditional zero trust verifies that an identity can reach an application. It doesn’t scrutinize what that identity does once inside.

Carter Rees, VP of Artificial Intelligence at Reputation, identified the structural reason. The flat authorization plane of an LLM fails to respect user permissions, Rees told VentureBeat. An agent operating on that flat plane does not need to escalate privileges. It already has them. That is why access control alone cannot contain what agents do after authentication.

CrowdStrike CTO Elia Zaitsev described the detection gap to VentureBeat. In most default logging configurations, an agent’s activity is indistinguishable from a human. Distinguishing the two requires walking the process tree, tracing whether a browser session was launched by a human or spawned by an agent in the background. Most enterprise logging cannot make that distinction.

Caulfield’s identity layer and Zaitsev’s telemetry layer are solving two halves of the same problem. No single vendor closes both gaps.

“At any moment in time, that agent can go rogue and can lose its mind,” Caulfield said. “Agents read the wrong website or email, and their intentions can just change overnight.”

How the request lifecycle works when agents have their own identity

Five vendors shipped agent identity frameworks at RSAC 2026, including Cisco, CrowdStrike, Palo Alto Networks, Microsoft, and Cato Networks. Caulfield walked through how Cisco’s identity-layer approach works in practice.

The Duo agent identity platform registers agents as first-class identity objects, with their own policies, authentication requirements, and lifecycle management. The enforcement routes all agent traffic through an AI gateway supporting both MCP and traditional REST or GraphQL protocols. When an agent makes a request, the gateway authenticates the user, verifies that the agent is permitted, encodes the authorization into an OAuth token, and then inspects the specific action and determines in real time whether it should proceed.

“No solution to agent AI is really complete unless you have both pieces,” Caulfield told VentureBeat. “The identity piece, the access gateway piece. And then the third piece would be observability.”

Cisco announced its intent to acquire Astrix Security on May 4, signaling that agent identity discovery is now a board-level investment thesis. The deal also suggests that even vendors building identity platforms recognize that the discovery problem is harder than expected.

Six-stage identity maturity model for agentic AI

When a company shows up claiming 500 agents in production, Caulfield doesn’t accept the number. “How do you know it’s 500 and not 5,000?”

Most organizations don’t have a source of truth for agents. Caulfield outlined a six-stage engagement model.

Discovery first: identify every agent, where it runs, and who deployed it. Onboarding: register agents in the identity directory, tie each one to an accountable human, and define permitted actions. Control and enforcement: place a gateway between agents and resources, inspect every request and response. Behavioral monitoring: record all agent activity, flag anomalies, and build the audit trail. Runtime isolation contains agents on endpoints when they go rogue. Compliance mapping ties agent controls to audit frameworks before the auditor shows up. The six stages are not proprietary to any single vendor. They describe the sequence every enterprise will follow regardless of which platform delivers each stage.

Maor’s Censys data complicates step one before it even starts. Organizations beginning discovery should assume their agent exposure is already visible to adversaries. Step four has its own problem. Zaitsev’s process-tree work shows that even organizations logging agent activity may not be capturing the right data. And step three depends on something Rees found most enterprises lack: a gateway that inspects actions, not just access, because the LLM does not respect the permission boundaries the identity layer sets.

Agentic identity prescriptive matrix

What to audit at each maturity stage, what operational readiness looks like, and the red flag that means the stage is failing. Use this to evaluate any platform or combination of platforms.

Source: VentureBeat analysis of RSAC 2026 interviews (Caulfield, Zaitsev, Maor) and independent practitioner validation (McGladrey, Rees). May 2026.

Compliance frameworks have not caught up

“If you were to go through an audit today as a chief security officer, the auditor’s probably gonna have to figure out, hey, there are agents here,” Caulfield told VentureBeat. “Which one of your controls is actually supposed to be applied to it? I don’t see the word agents anywhere in your policies.”

McGladrey’s practitioner experience confirms the gap. The Cloud Security Alliance published an NIST AI RMF Agentic Profile in April 2026, proposing autonomy-tier classification and runtime behavioral metrics. But SOC 2, ISO 27001, and PCI DSS have not operationalized agent identities. The compliance frameworks McGladrey works with inside enterprises were written for humans. Agent identities do not appear in any control catalog he has encountered. The gap is a lagging indicator; the risk is not.

Security director action plan

VentureBeat identified five actions from the combined findings of Caulfield, Zaitsev, Maor, McGladrey, and Rees.

1. Run an agent census and assume adversaries already did.

   Every agent, every MCP server those agents touch, every human accountable. Maor’s Censys data confirms agent infrastructure is already visible from the public internet. NIST’s NCCoE reached the same conclusion in its February 2026 concept paper on AI agent identity and authorization.

2. Stop cloning human accounts for agents.

   McGladrey found that enterprises default to copying human user profiles, and permission sprawl starts on day one. Agents need to be a distinct identity type with scope limits that reflect what they actually do.

3. Audit every MCP and API access path.

   Five vendors shipped MCP gateways at RSAC 2026. The capability exists. What matters is whether agents route through one or connect directly to tools with no action-level inspection.

4. Fix logging so it distinguishes agents from humans.

   Zaitsev’s process-tree method reveals that agent-initiated actions are invisible in most default configurations. Rees found authorization planes so flat that access logs alone miss the actual behavior. Logging has to capture what agents did, not just what they were allowed to reach.

   Advertisement

5. Build the compliance case before the auditor shows up.

   The CSA published a NIST AI RMF Agentic Profile proposing agent governance extensions. Most audit catalogs have not caught up. Caulfield told VentureBeat that auditors will see agents in production and find no controls mapped to them. The documentation needs to exist before that conversation starts.

Mundi Ventures’ EU-backed Kembara fund has made its first major investment by co-leading a $160m round with DCVC in the UK’s Quantum Motion.

The UK-based Quantum Motion specialises in silicon transistor-based quantum computing, and said it will use the Series C investment “to commercialise its scalable and energy-efficient approach to quantum computing” and to help deliver “utility-scale and commercially viable quantum computers that fit inside existing standard data centres and racks”.

Since its last funding round in 2023, the company has expanded internationally, with new offices and labs in Spain and Australia, and has deepened its manufacturing partnership with GlobalFoundries as part of its bid to tie directly into commercial semiconductor supply chains, it said.

“Quantum computing will only achieve its full potential if it can be built on a platform that scales, and we believe silicon is the strongest route to achieving that,” said Dr James Palles-Dimmock, CEO of Quantum Motion. “We are pleased to be joined by investors who share our vision and understand what it takes to build a foundational company in this field.”

Yann de Vries, partner and co-founder of Kembara, said: “If you believe quantum computing is going to be world-changing, as we do, then the obvious next question is which of the many ways of building one will actually work at scale? This investment signals our strong belief in where the answer lies.”

With an ultimate target of €1bn, Spain’s Mundi Ventures closed on €750m in February for its Kembara fund for deep tech and climate start-ups. The fund aims to address the scaling gap in European deep tech funding with its focus on Series B and C funding of €15m-€40m, and beyond, for European companies.

“Quantum is critical infrastructure for the next century of computing, AI and security, and leadership will go to whoever can industrialise it,” said Dr Prineha Narang, operating partner at DCVC. “DCVC led this investment in Quantum Motion because silicon is the foundation that scales, and this team is building on the CMOS advantage to turn quantum from a demonstration into a commercial success story.”

According to the Kembara team, Europe produces 28pc of global deep tech innovation, but only 3pc of European deep tech companies successfully raise Series B or C rounds. It is that very gap that the Kembara fund is hoping to bridge using “€1bn dedicated to backing Europe’s deep tech champions at the exact moment when technology is proven and global scale becomes possible”.

“Quantum Motion’s unique approach that combines cutting-edge quantum physics with established silicon manufacturing provides a distinct global edge,” said Charlotte Lawrence, managing director of direct equity at the British Business Bank, a new investor in the company with this round. “We are no longer just theorising about quantum computing but are actively starting to build the platforms to deliver it here in the UK.”

The European Investment Fund (EIF) is a lead backer of Kembara, announcing in July last year that it would invest €350m in Kembara Fund 1. At the time, the EIF said it was the experience of the Kembara management team and its “differentiated strategy” that were key to offering its support.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Financial analysts at Wedbush have consistently been bullish about Apple, but now has raised its target price by a whopping $50 to $400, making its greatest jump in at least the last five years.

Back in April 2025 when Trump’s tariffs first struck, Wedbush did cut its Apple price target $325 down to $250, but that was a rare drop. Now it’s made a similarly large increase, taking its price target from the $350 it set in December 2025, to $400.

This is the highest price target ever set for Apple by any investment firm, and in a note to investors seen by AppleInsider, the company’s analysts attribute it very much to AI. They believe that what Apple will reveal at WWDC 2026 in June will lead to around a fifth of the entire world’s population using AI via Apple devices over the next few years.

Key to this belief is the recent news that Apple’s forthcoming iOS 27 will give users the option of multiple different AI models. Wedbush also expects that ultimately hundreds of AI-based apps will take advantage of improvements to Apple Intelligence.

While the $50 target increase is the largest Wedbush has made since at least 2021, the firm has consistently predicted that 2026 will be a significant year for Apple Intelligence. It has also previously predicted that Apple will charge for some AI features, and its latest report doubles down on that.

Wedbush expects that over the next few years, Apple will monetize is AI services. Including its partnership in China with Alibaba, Wedbush predicts that Apple’s AI monetization could bring it $15 billion annually.

The investor note says little further about China, other than that Apple’s AI partnership is part of it aiming to greatly increase its user base in the country. In Apple’s latest earnings call, Tim Cook called out the fact that he was “thrilled” with how the company has seen “strong double-digit growth in Greater China.”

In that same call, Cook also stressed that how with Apple Intelligence, this “is not AI as a standalone feature, but AI as an essential, intuitive part of the experience across our devices.” That fits with Wedbush’s belief that Apple will become what it calls the consumer hub of AI.

CEO handover and WWDC

These expectations around AI, though, are not Wedbush’s only reasons to increase its price target. The firm’s analysts also expect the incoming CEO John Ternus to have an impact on Apple’s hardware moves.

Wedbush believes that WWDC 2026 will be particularly significant, but is already describing this as a golden age for Apple.

Most analysts have been positive about Apple following its recent earnings announcement, but Wedbush appears to be the first to raise its target price.

WWDC 2026 takes place in the week of June 8 to June 12, with the spotlight as ever being on the opening keynote speech.

Cloudflare beat Wall Street’s revenue and earnings estimates on Wednesday, announced it would cut 1,100 employees because artificial intelligence agents now do their work, and watched its stock fall 24 per cent on Thursday. The sequence is becoming the template for the technology industry in 2026: record revenue, record layoffs, record doubt about what comes next.

First-quarter revenue was 639.8 million dollars, up 34 per cent year over year, beating the consensus estimate of 622 million. Adjusted earnings per share were 25 cents against expectations of 23 cents. Free cash flow was 84.1 million dollars. The company added a record number of customers paying more than five million dollars per year and saw a 73 per cent year-over-year increase in deals worth more than a million. By every traditional metric, the quarter was strong.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

Advertisement

Then the company said it was eliminating one in five jobs.

The model

CEO Matthew Prince and co-founder Michelle Zatlyn announced in a blog post that Cloudflare is transitioning to what they called an “agentic AI-first operating model.” The company said its internal use of AI had increased more than 600 per cent in three months. Staff across engineering, human resources, finance, and marketing are running thousands of AI agent sessions per day. The framing was not that AI would assist employees. It was that AI has made certain categories of employee unnecessary.

Prince was specific about which roles are disappearing. “A lot of the support roles” behind customer-facing and engineering staff “are not going to be the roles that drive companies going forward,” he said. The language distinguished between people who build the product, people who sell the product, and people who support the people who build and sell the product. The third group is being replaced.

GitHub froze new Copilot sign-ups last month because agentic AI workflows were generating costs that exceeded what users paid, a signal that the economics of AI tools are not yet stable. Cloudflare’s bet is that the instability is temporary and that the productivity gains from running thousands of AI agent sessions per day will more than offset the cost of eliminating 1,100 human roles and paying 140 to 150 million dollars in restructuring charges.

The numbers

The financial results that accompanied the layoff announcement were not the results of a company in distress. Cloudflare now has 4,416 customers paying more than 100,000 dollars per year. It estimates that approximately 80 per cent of leading AI companies use its products. Its Workers developer platform, which runs code at the edge of Cloudflare’s network across data centres in 330 cities, is positioned as infrastructure for the AI agent economy the company says is replacing the roles it just eliminated.

Full-year revenue guidance was 2.805 to 2.813 billion dollars, narrowly beating the consensus estimate of 2.8 billion. Full-year adjusted earnings guidance was 1.19 to 1.20 dollars per share, ahead of the 1.14 expected. Prince called AI “the biggest tailwind we’ve ever seen in Cloudflare’s history” and said the re-platforming of the internet around AI agents represents the company’s largest growth opportunity.

The stock market disagreed, or at least disagreed with the timing. Shares fell 24 per cent on Thursday, erasing billions in market capitalisation. The sell-off reflected not the earnings, which were strong, but the uncertainty about whether a company that just fired 20 per cent of its workforce can execute a business model transition while maintaining the growth trajectory investors had priced in.

The cuts

The 1,100 affected employees will receive base pay through the end of 2026, continued healthcare coverage through year end in the United States, and equity vesting extended to 15 August 2026. The restructuring is expected to be substantially complete by the end of the third quarter. Prince said, “Today is a hard day.”

The company’s headcount will fall from approximately 5,156 to around 4,000. The restructuring charges of 140 to 150 million dollars break down to 105 to 110 million in cash severance and benefits and 35 to 40 million in non-cash equity-related expenses. The savings are projected at a pace that Cloudflare expects to reinvest into the AI infrastructure and hiring it says will drive the next phase of growth.

Cloudflare framed the cuts as structural rather than cyclical. This is not a company reducing headcount because revenue is declining. Revenue grew 34 per cent. This is a company reducing headcount because it believes the work those employees performed is now performed by software. The distinction matters because it implies the jobs are not coming back.

The pattern

Meta and Microsoft between them cut 23,000 jobs while simultaneously increasing AI spending by tens of billions of dollars. Oracle eliminated up to 30,000 positions to fund AI data centres. Atlassian cut 1,600 in the name of AI adaptation. The tech sector has recorded more than 73,000 job cuts across 95 companies in the first four months of 2026, with projections that the full-year total will exceed the 124,000 eliminated in all of 2025.

Cloudflare’s announcement is notable because it was the most explicit in attributing the layoffs to AI replacing human work rather than AI requiring capital reallocation. Meta’s Zuckerberg said the layoffs were about freeing capital for AI infrastructure. Cloudflare’s Prince said the layoffs were about AI doing the work. The difference is between “we need your salary to buy GPUs” and “we no longer need you because the GPUs are doing your job.”

The human cost of the AI layoff wave is accumulating at a pace that the industry’s growth metrics do not capture. Google is turning Chrome into an agentic AI workplace tool, embedding AI capabilities directly into the browser that millions of knowledge workers use daily. ServiceNow projects 30 billion dollars in revenue by 2030, with a third of that coming from AI. The companies building the AI tools and the companies deploying them are both growing. The people whose work the tools replicate are not.

The tension

Cloudflare’s position is coherent but uncomfortable. The company reported its strongest quarter, told investors the AI opportunity is transformational, cut a fifth of its workforce to pursue it, and then saw a quarter of its market value disappear because investors were not sure the transformation would work. The 600 per cent increase in AI usage over three months is either evidence that the transition is already delivering results or evidence that the company is moving faster than it can manage.

Prince’s statement that certain support roles “are not going to be the roles that drive companies going forward” is a prediction about the entire industry, not just Cloudflare. If he is right, the 1,100 people losing their jobs at Cloudflare are early casualties of a restructuring that will reach every technology company and eventually every company that employs people to do work that AI agents can approximate. If he is wrong, Cloudflare just fired 20 per cent of its workforce during its best quarter, and the 24 per cent stock drop is the market’s way of saying so.

The earnings beat. The layoffs are real. The stock is down. The AI agents are running. The question Cloudflare cannot yet answer, and that no company in its position has answered, is whether a 600 per cent increase in AI usage produces a proportional increase in the value of the work, or whether it produces a proportional increase in the confidence that the work is being done without anyone checking whether it is being done well.

Dario Amodei is not the kind of CEO who talks loosely about numbers. The Anthropic co-founder and chief executive, a former VP of research at OpenAI with a PhD in computational neuroscience from Princeton, has built a reputation for measured public statements — particularly around the financial performance of a company that, until recently, disclosed almost nothing about its business.

So when Amodei took the stage at Anthropic’s Code with Claude developer conference on Wednesday and offered a genuinely striking piece of financial candor, the room paid attention.

“We tried to plan very well for a world of 10x growth per year,” Amodei said during a fireside chat with Anthropic’s chief product officer, Ami Vora. “And yet we saw 80x. And so that is the reason we have had difficulties with compute.”

Anthropic had planned for tenfold growth. But revenue and usage increased 80-fold in the first quarter on an annualized basis, a rate Amodei described as “just crazy” and “too hard to handle.”

The number demands context. Annualized growth rates can overstate sustained performance — a single strong quarter, extrapolated across a full year, can paint a picture that doesn’t hold. Amodei knows this. But the underlying trajectory is not a mirage. Anthropic has crossed a $30 billion annualized revenue run rate, up sharply from roughly $9 billion at the end of 2025, and that growth is being driven largely by enterprise demand. The company’s revenue trajectory has been relentless: $87 million run rate in January 2024, $1 billion by December 2024, $9 billion by end of 2025, $14 billion in February 2026, $19 billion in March, and $30 billion in April.

For context: Salesforce took about 20 years to reach $30 billion in annual revenue. Anthropic did it in under three years from a standing start.

Claude Code became the fastest-growing product in enterprise software history

The growth story at Anthropic is, to a remarkable degree, a single-product story. Claude Code, the company’s agentic AI coding tool launched publicly in mid-2025, has become the fastest-growing product in the company’s history — and, by several measures, one of the fastest-growing software products ever built.

Claude Code hit $1 billion in annualized revenue within six months of launch, and the growth hasn’t slowed down. By February 2026, the product was generating over $2.5 billion in run-rate revenue. The company also said Claude Code’s weekly active users had doubled since January 1 and that business subscriptions had quadrupled since the start of 2026.

The mechanics of the product are straightforward. Claude Code is not a chatbot that suggests snippets. It reads a codebase, plans a sequence of actions, executes them using real development tools, evaluates the result, and adjusts its approach. The developer sets the objective and retains control over what gets committed, but the execution loop runs independently. The average developer using Claude Code now spends 20 hours per week working with the tool.

At Anthropic itself, the majority of code is now written by Claude Code. Engineers focus on architecture, product thinking, and continuous orchestration: managing multiple agents in parallel, giving direction, and making the decisions that shape what gets built.

That last point may be the most revealing detail Amodei disclosed at the conference: this is the first year Anthropic’s own internal pull requests have inflected upward due to Claude’s work on the company’s own codebase. The tool that Anthropic sells to developers is now a material contributor to Anthropic’s own engineering output. That creates a feedback loop that is almost impossible for competitors without a comparable product to replicate — the company is using its own product to build the next version of its own product.

The enterprise numbers tell the same story. The company now counts over 1,000 enterprise customers spending more than $1 million per year on Claude services, a figure that has doubled since February. Much of this increase has been fueled by a wave of corporate customers including Uber and Netflix.

Amodei framed the adoption curve in economic terms. “Software engineers are the ones who are fastest to adopt new technology,” he said on stage. “It’s a foreshadowing of how things are going to work across the economy, and how the economy is going to be transformed by AI.”

Anthropic’s 80x growth created a compute crisis it couldn’t solve alone

Hypergrowth creates its own category of problem. When demand outstrips supply by an order of magnitude, the constraint is not go-to-market strategy or product-market fit. The constraint is physics.

The company is growing so fast that its infrastructure has struggled to keep up, forcing Anthropic into what may be the most unexpected partnership in the current AI cycle. Amodei’s comments came hours after Anthropic announced a deal with Elon Musk’s SpaceX to use all of the compute capacity at his company’s Colossus 1 data center in Memphis, Tennessee. As part of the agreement, Anthropic will get access to more than 300 megawatts of capacity — over 220,000 Nvidia GPUs, including dense deployments of H100, H200, and next-generation GB200 accelerators.

The deal is remarkable for several reasons. Musk has been, until very recently, one of Anthropic’s most vocal critics. He has said Anthropic is “doomed to become the opposite of its name” and wrote in February that “Anthropic hates Western Civilization.” But on Wednesday, Musk changed his tune, saying he spent a lot of time with senior members of the Anthropic team over the past week and that he was “impressed.” “Everyone I met was highly competent and cared a great deal about doing the right thing. No one set off my evil detector,” Musk wrote.

The strategic logic on both sides is clear. xAI’s Colossus 1 ended up with capacity that Grok’s user base never grew into, while Anthropic needs compute immediately. Anthropic has been signing deals with Amazon, Google, Nvidia, and Microsoft for more compute capacity, but most of that isn’t expected to come online until late 2026 or early 2027. The SpaceX deal gives Anthropic a significant boost now — the key word being “now.”

As one industry watcher summarized the alignment: “Elon’s enemy is Sam. Dario’s enemy is Sam. Enemy of my enemy is a compute partner.”

Last month, Anthropic said demand for Claude has led to “inevitable strain on our infrastructure,” which has impacted “reliability and performance” for its users, particularly during peak hours. The company admitted in a postmortem from late April that three bugs had affected Claude Code since March 4, and that internal tests hadn’t caught them, leading to several weeks of degraded performance. Amodei said at the Code with Claude conference that the company is “working as quickly as possible to provide more” capacity and will “pass that compute on to you as soon as we can.”

A near-trillion-dollar valuation makes Anthropic’s IPO the most anticipated debut in years

The growth figures arrive at a moment when Anthropic’s valuation is itself becoming one of the defining financial stories of the AI era.

Anthropic has begun weighing a fresh funding round that would value the company at more than $900 billion, according to people familiar with the matter, potentially leapfrogging its longtime rival OpenAI as the world’s most valuable AI startup. The velocity of the escalation is difficult to overstate. From $61.5 billion in March 2025, to $183 billion by its Series F in September, to $380 billion in February, to, if the current discussions proceed, more than $900 billion in May. Anthropic’s shares were already trading at an implied $1 trillion valuation on secondary markets earlier this month.

Instead of cashing out, many existing investors are waiting to potentially exit during Anthropic’s anticipated IPO later this year. The company is raising what is likely to be its last private round before going public to fund its massive computing needs. Bloomberg has reported that the company is weighing an IPO as early as October 2026, with Goldman Sachs, JPMorgan, and Morgan Stanley already in early discussions.

Anthropic is also building out infrastructure on longer time horizons. Amazon has agreed to invest up to $25 billion in Anthropic, securing up to 5 gigawatts of compute capacity for training and deploying Claude models. Anthropic also secured 5 gigawatts of computing capacity as part of a separate deal with Google and Broadcom that will start to come online next year. The total commitment is staggering — tens of gigawatts of compute across three separate hardware ecosystems: Amazon’s Trainium chips, Google’s TPUs via Broadcom, and Nvidia GPUs through SpaceX and Microsoft Azure.

For perspective: Anthropic’s $30 billion run rate exceeds the trailing twelve-month revenues of all but approximately 130 S&P 500 companies. A company that was essentially pre-revenue in early 2024 now out-earns most of the Fortune 500.

That comparison comes with caveats. Private-market revenue run rate is not the same thing as audited GAAP revenue, gross margin, free cash flow, or public float. OpenAI has internally argued that Anthropic’s $30 billion figure is overstated by roughly $8 billion, pointing to questions about whether revenues from AWS and Google Cloud should be reported at gross value or net of the partner’s cut. The accounting question will ultimately be resolved when both companies file IPO prospectuses — but even on a net basis, Anthropic’s growth rate is unlike anything in enterprise software history.

Dario Amodei’s vision for AI extends far beyond coding — and he’s given himself a deadline

The financial story — 80x growth, a near-trillion-dollar valuation, a scramble to secure enough GPUs to meet demand — is dramatic on its own terms. But Amodei used his time on stage to place it inside a larger thesis about where AI is headed.

He described a progression from single agents to multiple agents to what he called whole organizational intelligence — from “a team of smart people in a room” to “a country of geniuses in the data center.” The framing is deliberately expansive. What Anthropic is selling today is a coding tool. What Amodei is describing is a future in which entire categories of knowledge work are performed by fleets of AI agents operating in parallel, supervised by humans who define objectives and review outputs.

He reiterated a prediction he made roughly a year ago: that 2026 would see the first billion-dollar company run entirely by a single person. “Hasn’t quite happened yet,” he said. “But we’ve got seven more months.”

The company has also been navigating political headwinds. The Pentagon declared Anthropic a supply chain risk in March, blacklisting it from work with the military. The company has warned the designation could result in billions in lost revenue, with over one hundred enterprise customers reportedly expressing doubts about continuing their relationships.

And yet — as that scuffle makes its way through the legal system, Anthropic is only getting more popular. Amodei said this week he’s eventually hoping for “more normal” expansion.

There is a temptation, when covering a company growing at this rate, to let the numbers speak for themselves. They shouldn’t. Growth at 80x annualized is not a business plan — it’s an emergency. It means demand has outrun infrastructure, that customers want something the company cannot yet reliably deliver at scale, and that every week of constrained capacity is a week during which competitors can close the gap.

The investors funding Anthropic — including SoftBank, Amazon, Nvidia, Google, a16z, Lightspeed, and ICONIQ — are making a specific bet: that compute costs continue to fall per unit of intelligence, that revenue keeps compounding faster than burn, and that whoever owns the AI infrastructure layer in 2029 will generate returns that make the interim losses irrelevant.

Amodei’s candor at Code with Claude was not a victory lap. It was a diagnostic — an admission that his company is running faster than it can steer. He planned for a world of 10x growth and got 80x instead. Now he has seven months to prove that the infrastructure, the organization, and the vision can catch up to the demand. The country of geniuses in the data center is getting crowded. The question is whether anyone remembered to build enough rooms.