Vendor-neutral "seven-ring" architecture helps Indian enterprises deploy the most powerful AI models safely — and reframes a dangerous question now circulating among technology leaders.
iManEdge Digital Services Bharat Pvt. Ltd., a sovereign Indian cyber, AI and privacy firm operating under the #SecuringBharat banner, today published a vendor-neutral security framework to help enterprises safely deploy the new generation of publicly-available frontier AI models. The framework arrives days after Anthropic released Claude Fable 5 — the first model in its most capable "Mythos-class" tier to be made generally available — putting frontier-grade AI capability within reach of mainstream enterprises for the first time.
The release of Fable 5 marks a turning point. The model shares the same underlying system as Claude Mythos 5, a more capable variant that Anthropic restricts to approved participants in its managed cybersecurity programme, Project Glasswing. Publicly reported assessments credit the Mythos-class model with autonomously identifying hundreds of long-standing software vulnerabilities — including a widely-cited finding of 271 flaws in a major web browser's code — despite not having been purpose-built for cybersecurity. The publicly-available Fable 5 wraps that capability in additional safety classifiers; the restricted Mythos 5 has certain cyber safeguards lifted.
According to iManEdge, this two-tier arrangement has prompted a question now circulating among technology and security leaders — namely, how to obtain the unrestricted model's capabilities — that the firm considers both misguided and risky. Its new framework is designed to redirect that conversation toward what it argues is the question enterprises should actually be asking.
"The instinct to chase the unrestricted model is exactly backwards. A frontier model's built-in safety protects the public from the model. It does nothing to protect an enterprise from how that model is used, fed, integrated and trusted inside its own walls. Those are two completely different security problems — and only one of them is the vendor's job. The other is ours."
From "model safety" to "system security"
The central argument of the iManEdge framework is a distinction the firm says is widely misunderstood: the difference between model safety — the alignment training and refusal behaviours a model-maker builds into the model itself — and application security, the controls an enterprise must build around the model in production.
A safely-aligned model, the firm notes, offers no inherent protection against a range of deployment-level risks that fall squarely to the adopting organisation. These include prompt injection (malicious instructions hidden in content the model reads), leakage of sensitive personal or proprietary data into prompts, over-privileged autonomous agents that can take consequential actions, and unsanctioned "shadow AI" tools operating outside any governance. None of these, iManEdge emphasises, are failures of the model; they are failures of architecture — and therefore within the enterprise's control.
The reframe in plain terms: enterprises cannot, and should not, attempt to strip a public model down to its unrestricted form. They can, however, build their own controls up — to the point where the complete deployed system reaches frontier-grade assurance. iManEdge summarises this as: "Not stripping the model down. Building the enterprise up."
A seven-ring, defence-in-depth architecture
The framework organises the enterprise's responsibilities into seven concentric "rings" of control around the model, applying the established principle of defence-in-depth to AI deployment. The model's own safety, iManEdge notes, sits at the centre as a single layer controlled by the vendor; the surrounding seven are the enterprise's to build:
● Ring 1 — Data boundary: classification, PII and secret redaction at the gateway, and private deployment channels so sensitive data never crosses an external perimeter unnecessarily.
● Ring 2 — Input defence: treating all external content as untrusted data, with dedicated protection against prompt injection — ranked by OWASP as the foremost risk to large-language-model applications.
● Ring 3 — Output validation: schema-checking, sanitising and grounding model output before it reaches downstream systems.
● Ring 4 — Agent guardrails: least-privilege tooling, human-in-the-loop approval for irreversible actions, and emergency shutdown ("kill-switch") mechanisms for autonomous agents.
● Ring 5 — Identity & least privilege: governing the non-human identities — service accounts, tokens and keys — that AI agents use and that increasingly outnumber human accounts.
● Ring 6 — Monitoring & detection: immutable logging of all AI interactions into the security operations centre, tuned for AI-specific anomalies.
● Ring 7 — Governance & assurance: a complete AI inventory, clear policy, risk assessment, and alignment to recognised frameworks.
The framework maps each control to widely-recognised standards, including the OWASP Top 10 for LLM Applications, the NIST AI Risk Management Framework, ISO/IEC 42001 for AI management systems, Cloud Security Alliance guidance, and India's Digital Personal Data Protection Act, 2023 (DPDPA). It also aligns to recent guidance from India's national cyber agency, CERT-In, whose May 2026 blueprint explicitly calls for emergency shutdown mechanisms for autonomous and agentic AI systems and a six-hour incident-reporting obligation.
"Indian enterprises are being handed extraordinary AI capability at exactly the moment our regulatory expectations are sharpening — DPDPA, the CERT-In directions, sectoral rules. The organisations that treat frontier-grade security as something to build, rather than something to assume, will adopt AI confidently. The rest are one prompt-injection away from a very bad day. This framework is our contribution to making sure more of them are in the first group."
A 30-60-90 day adoption path
Recognising that few organisations can implement all seven rings at once, the framework includes a phased, risk-prioritised roadmap. The first thirty days focus on visibility and containment — inventorying AI use, including shadow AI, and stopping the most obvious data leakage. The next thirty harden inputs and outputs and bring AI traffic into security monitoring. The final thirty establish agent guardrails, formal governance, and independent assurance. iManEdge says the sequence is designed so that a security team "can start on Monday."
Vendor-neutral, with an India-native option
iManEdge stresses that the framework is deliberately vendor-neutral: the seven rings describe controls that any enterprise deploying any frontier model requires, regardless of vendor or build approach. The firm notes that its own platform, Citadel, addresses several of the rings with India-native data discovery, non-human-identity monitoring, and real-time PII detection mapped to DPDPA — but positions this as one route to implementation rather than a prerequisite. The framework, the firm says, is offered to the wider community as thought leadership.
iManEdge clarified that the framework and its analysis are independent and vendor-neutral, and are not affiliated with or endorsed by Anthropic or any model provider.
The full framework — including the seven-ring architecture, the threats-to-standards mapping, and the 30-60-90 day adoption plan — is available through iManEdge's #SecuringBharat content channels.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
