Biosecurity
The MATS Biosecurity Track supports research at the intersection of advanced AI and catastrophic biological risk. We are launching this track because the threat model has shifted: biological foundation models, LLMs with growing wet-lab uplift, and AI-accelerated design tools are compressing timelines on capabilities the existing biosecurity stack was not built to absorb. We want fellows pursuing technical work that has a realistic chance of meaningfully shifting outcomes within the next 6–12 months.
- General application: Submit track-specific short response questions.
- Centralized review: Some streams depending on empirical ML skills will require a standardized test of ML skills. Other streams requiring more specific backgrounds will skip to the next step without centralized review.
- Stream applications & follow-up: Apply to individual streams; follow-up includes interviews or additional assessments depending on the stream.
The track spans six research areas. Fellows are matched to mentors based on fit, and projects are scoped to produce concrete artifacts – papers, evals, prototypes, or policy analyses – by program end.
Detection
Metagenomic surveillance pipelines for pandemic-grade pathogen detection; genomic language models for novelty detection and improved signal/noise at the front end of the surveillance stack.
Medical countermeasures
AI-accelerated discovery of antiviral peptides under pandemic-response constraints, paired with realistic analysis of the manufacturing and supply-chain bottlenecks that determine whether candidates actually reach patients.
AI for synthesis screening
Function-based DNA sequence screening using mechanistic interpretability and ML on biological foundation models — classifiers that catch hazardous sequences, including engineered and AI-designed variants meant to evade homology-based screens.
Physical biodefense
Engineering work on emergency biodefense infrastructure: PPE, filtration, far-UVC, decontamination, and improvised protective systems for worst-case scenarios. Deliverables here are often physical or quasi-physical.
Strategy and threat modeling
Policy and forecasting work on AI-bio: evaluating policy levers, forecasting when AI trivializes specific offensive or defensive capabilities, and analyzing deterrence via physical chokepoints (synthesis screening governance, cloud-lab access controls).
Empirical AI × bio — defending against AI
Red-teaming biological AI models for dangerous capabilities, building technical defenses (genetic engineering attribution, data governance), and developing dangerous-capability evaluations for frontier bio-AI.
We expect fellows to engage seriously with infohazard considerations and to operate within a publication and disclosure framework we'll work through together early in the program. If you're uncertain whether your background fits, apply anyway and tell us how you think about the threat model — that reasoning is more informative to us than credentials.
We anticipate that strong candidates will come from a variety of backgrounds, including biology, AI safety, public health, epidemiology, machine learning, engineering, chemistry, biosafety, biosecurity, and national security. If you're uncertain whether your background fits, apply anyway and tell us how you think about the threat model; that reasoning is more informative to us than credentials.
This stream is primarily focused on research into physical defenses against engineered pathogens, aiming to inform decisions about PPE stockpiling and distribution approaches, improve improvised PPE and bioshelter scale-up, and reach rapid conclusions on how much to prioritize other areas of physical biodefense (agriculture, emergency response, etc.). We are also open to strategic research into the use of bioweapons by AI or AI-human teams as part of takeover strategies and how this might inform preparedness.
I'm mentoring projects that apply AI advances to core biosecurity challenges — early detection and attribution of biological threats, characterizing AI-enabled bioweapons uplift, accelerating medical countermeasure design, and building biosecurity-by-design into frontier biological AI tools. Fellows have wide latitude to scope their own project within (or adjacent to) these themes, including ideas I haven't yet considered, and are expected to drive the technical work independently. My comparative advantage is high-level strategic direction grounded in biosecurity, pandemic preparedness, epidemiology, and US R&D policy rather than hands-on ML or software engineering guidance.
This mentor also has a stream in the Strategy and Forecasting track
This stream focuses on how advanced AI could enable new and dangerous bio technologies, and on assessing when risks become tractable or urgent as those capabilities arrive.
The stream focuses on evaluating and/or mitigating catastrophic risk emerging from dangerous scientific capabilities in frontier AI systems, with an emphasis on the challenges that emerge from lab integrations and novel science. Potential research directions include evaluation design, risk mitigations and evaluation science.
I’m interested in two broad projects focused on improving current detection efforts at SecureBio. The first is to characterize when AI-bio or general AI tools are actually useful for large-scale metagenomic detection, including tradeoffs between compute cost, sequencing cost, model type, model size, and pipeline stage. The second is to explore genomic language models as novelty detectors—for example, using perplexity-style metrics to flag surprising sequences—and to evaluate whether this approach can complement traditional bioinformatics systems in a cost-effective, sensitive, and interpretable way.
Fourth Eon is developing adaptive, AI-native safeguards across the biotechnology stack, with a focus on function-based DNA synthesis screening. Fellows in this stream will work on technical research projects at the intersection of AI and biosecurity. Projects span topics like mechanistic interpretability of protein foundation models, bio model evaluations for biosecurity-relevant capabilities, and agentic sequence analysis workflows.
This stream will focus on projects related to biosecurity countermeasures.
This stream focuses on lead independent research in one of six chokepoints for biotech governance: live pathogen repositories, CROs, cloud labs, cell-free expression systems, plasmid vendors, or secondhand lab equipment.
On high-conviction areas, you'll tackle specific open research questions and assess interventions; on low-conviction areas, you'll conduct deep dives to determine whether they're worth pursuing. Your findings will directly shape Sentinel's grantmaking strategy and provide strategic guidance to the broader biosecurity community.
Computational/modelling problems in biosecurity.
Therapeutics may have durable advantages over pathogens even in the limit of technological progress. How can therapeutic development and manufacturing be made resilient under biorisk scenarios? How can AI progress be maximally leveraged for defense?
This stream will work on projects that empirically assess national security threats of AI misuse (CBRN terrorism and cyberattacks) and improve dangerous capability evaluations. Threat modeling applicants should have a skeptical mindset, enjoy case study work, and be strong written communicators. Eval applicants should be able and excited to help demonstrate concepts like sandbagging elicitation gaps in an AI misuse context.