Wednesday, July 15, 2026

News

White House Launches Gold Eagle, an AI Program to Detect US Cyber Vulnerabilities

PolicyPatryk Raba
Fot. United States Department of the Treasury, Wikimedia Commons (Public domain)

The Trump administration has launched Gold Eagle, a clearinghouse where AI companies and critical infrastructure operators share AI-detected security vulnerabilities. The program is already coordinating vulnerability patching across banks, hospitals and power grids.

Contents
  1. What was launched
  2. Who runs the program
  3. Scale and limitations
  4. The threat landscape
  5. Relevance beyond the US

The White House announced on July 14, 2026 the launch of Gold Eagle, a central coordination mechanism through which companies building advanced AI models and providers of services critical to the economy will share information about security vulnerabilities detected by artificial intelligence. The initiative is meant to reduce the risk that the same software flaws get exploited by criminals before anyone else has a chance to patch them.

What was launched

Gold Eagle functions as a central clearinghouse for vulnerabilities. Companies building the most powerful AI models, including Anthropic and OpenAI, have shown for months that their systems can scan code and infrastructure for security flaws on a scale no human team could match. The problem is that attackers can exploit those same capabilities if a discovered flaw falls into the wrong hands before it gets patched.

The new mechanism is designed to prevent that by forcing rapid information sharing. Technology companies, open source software providers and operators of critical infrastructure, from financial institutions to hospitals and power grids, report detected vulnerabilities to a shared platform that prioritizes them and coordinates scan verification and patching.

Who runs the program

Day-to-day operation of Gold Eagle falls to the Treasury Department, with the Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, and the Department of War as partners. The Software Engineering Institute at Carnegie Mellon University, which has studied software vulnerabilities on behalf of the US government for decades, has also joined the effort.

Treasury, along with our partner agencies, will continue to harness frontier AI capabilities to stay ahead of our adversaries - Scott Bessent, US Treasury Secretary
GOLD EAGLE serves as the vanguard of America's cyber defense, safeguarding critical infrastructure - Pete Hegseth, US Secretary of War

Scale and limitations

According to White House officials, the program has already begun accepting and prioritizing vulnerability reports from across multiple sectors of the economy and coordinating the verification of security scans. One administration official described the scale of vulnerability detection made possible by AI models as a qualitative shift compared with traditional manual code audits.

Not all experts are convinced, however, that the administration fully grasps how artificial intelligence is changing the nature of the threat. Michael Daniel, a former White House cybersecurity coordinator, noted that policymakers are still learning how to adapt existing regulatory frameworks to a situation where both defenders and attackers have access to AI tools capable of scanning code at massive scale.

The threat landscape

The program arrives as security analysts observe that artificial intelligence now supports virtually every stage of a cyberattack, from target selection to vulnerability testing to moving through a victim's network. Attackers first try to use models from American companies such as ChatGPT and Claude, since their outputs are considered more precise, but stronger safeguards on those systems make abuse harder. When that fails, criminals turn to Chinese platforms with looser restrictions, including DeepSeek, Qwen and Trae.

That context explains why the Trump administration links cybersecurity to US technological dominance in AI. The June 2026 executive order that created Gold Eagle explicitly frames the promotion of advanced artificial intelligence as a matter of national security, not just economic innovation.

Relevance beyond the US

For companies and institutions outside the United States, the program's relevance is indirect but real. A large share of the global cloud infrastructure and open source software also used by Polish companies and public agencies runs through the same supply chains Gold Eagle is meant to monitor. Faster detection and patching of flaws in widely used libraries and systems could meaningfully reduce attack risk beyond US borders as well, though critics note that coordination remains American-led and does not formally include European partners.

Share: