The Pentagon's software supply-chain attack

Today: The U.S. government's declaration that military contractors should no longer work with Anthropic is a threat to software companies, AWS data centers appear to have been targeted by Iran's response to the joint U.S./Israel bombing campaign, and the latest funding rounds in enterprise tech.


Welcome to Runtime! Today: Why the U.S. government's declaration that military contractors should no longer do business with Anthropic is a stunning threat to enterprise software companies, AWS data centers appear to have been targeted by Iran's response to the joint U.S./Israel bombing campaign over the weekend, and the latest funding rounds in enterprise tech.



Something happening here

Enterprise tech companies have been part of the U.S. military-industrial complex since the invention of the transistor in the 1940s, and while Donald Trump's first term as president tested that relationship, the generative AI boom created a new opportunity for startups and conglomerates alike to supply the government with a new type of software. However, last week's showdown between the Department of Defense and Anthropic could have enormous ramifications for the future of tech procurement and supply-chain stacks.

Defense Secretary Pete Hegseth announced Friday on X that he would be designating Anthropic as a "Supply-Chain Risk to National Security" after the frontier model company refused to let the military violate the terms of service for its Claude models. That designation, a decision that "appears unprecedented" when applied to a U.S. company, was accompanied by a further statement that "effective immediately, no contractor, supplier, or partner that does business with the United States military may conduct any commercial activity with Anthropic."

  • Anthropic immediately vowed to challenge that designation, which it said "would both be legally unsound and set a dangerous precedent for any American company that negotiates with the government."
  • Several tech execs closely associated with the administration — such as Anduril founder Palmer Luckey — tried to argue Anthropic overstepped its bounds by seeking to limit the use of its models for domestic surveillance and autonomous weapons, but procurement experts disagreed.
  • "The idea that a contractor categorically cannot restrict government use of its products, or that doing so is somehow illegitimate, reflects a fundamental misunderstanding of how government procurement law works," wrote Jessica Tillipman, a professor at George Washington University Law School who specializes in government contracting.
  • Still, President Trump instructed government agencies to start getting rid of Anthropic's models, and several departments confirmed Monday they were following those orders. 

If upheld, Hegseth's statement would preclude just about every U.S. enterprise software company from working with the U.S. military given how widely Claude is used as a backbone for enterprise AI. The four major U.S. cloud companies — AWS, Microsoft, Google, and Oracle — are providing services to the Pentagon and all four have substantial commercial relationships with Anthropic.

  • It's one thing for the government to decide it no longer wants its military contractors to use Claude in products they provide to the military, but it's quite another to declare that those contractors can no longer "conduct any commercial activity with Anthropic," even for non-military purposes.
  • Legal experts rolled their eyes at Hegseth: "The Secretary’s statement of the consequences for Anthropic’s business associates neither matches his actual legal authority nor the available statutory effects," wrote Tess Bridgeman, a former legal advisor to the National Security Council during the Obama administration, on Just Security.
  • But while Anthropic might prevail on the merits in any legal challenge, the fact that Hegseth said it at all is just another reminder that this administration operates like an organized-crime syndicate.
  • "The fact that his shot is unlikely to be lethal (only very bloody) does not change the message sent to every investor and corporation in America: do business on our terms, or we will end your business," wrote Dean Ball, a fellow at the Foundation for American Innovation and a former member of the Trump Administration's AI policy team (emphasis in original).

OpenAI might have kicked off the generative AI boom, but over the last year or so Anthropic's models have emerged as the front-runner for coding agents and other enterprise AI projects. While it's not clear if Hegseth actually intends to follow through on his threats through formal channels, this is a "hang together or hang separately" moment for enterprise tech companies.


Meanwhile, elsewhere in the Middle East…

AWS confirmed Monday that drone strikes hit two of its data-center complexes in the United Arab Emirates and Bahrain, resulting in significant damage but apparently no injuries. Two availability zones in its ME-Central-1 region (UAE) and one in its ME-South-1 region (Bahrain) were hit by strikes on Sunday that "caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," the company said on its status page.

Needless to say, the attacks caused significant problems for AWS's cloud services in the region on Sunday and Monday. Its foundational S3 storage service is "designed to withstand the total loss of a single Availability Zone while maintaining S3's durability and availability," AWS said, but when two ME-Central-1 zones went down, S3 faltered, and several other key AWS services in that region depend on having working access to S3.

As of Tuesday morning, AWS had begun to restore partial access to S3 in ME-Central-1, but it wasn't clear how long the disruption would last. "We continue to strongly recommend that customers with workloads running in the Middle East take action now to migrate those workloads to alternate AWS Regions," the company said.


Enterprise funding

WorkOS raised $100 million in Series C funding, valuing the developer-tools company at $2 billion.

Basis scored $100 million in Series B funding, valuing the accounting-software company at $1.15 billion.

Gambit Security launched with $61 million in seed and Series A funding for its backup and recovery software.

SolveAI launched with $50 million in seed and Series A funding as it builds out an AI-powered no-code development tool.

Fig Security launched (big launch week) with $38 million in seed and Series A funding for its security operations platform, which helps companies improve how they detect and respond to threats.

Flux raised $37 million in combined Series A and Series B funding as it builds out a browser-based design platform targeted at hardware engineers.


The Runtime roundup

Databricks outpaced Snowflake for fourth-quarter revenue last year, according to Databricks CEO Ali Ghodsi, a milestone that should keep one of enterprise tech's most interesting rivalries going.

MongoDB's stock fell more than 22% Tuesday after it reported earnings Monday that beat expectations but issued guidance that was slightly lower than analysts wanted.


Thanks for reading — see you Thursday!
