Last year, we decided to narrow Sentinel’s focus on biotech governance. Since then, we’ve stress-tested our strategy relentlessly – asking hard questions about where we might be wrong, while doubling down where the evidence gives us conviction.
In 2025, we put this to the test with a research sprint organized around two questions:
- If we reach our victory condition, how much would synthesis screening reduce bioterrorism risks?
- Are any other physical materials, equipment, or services even better chokepoints than synthetic DNA?
First and foremost, we examined this from an impartial perspective. Independent of any organizational constraints, what are the best chokepoints for risk reduction? (“What would a billionaire with a 100 FTE team do?”) Then we considered Sentinel’s perspective: What should we do, given our available resources, constraints, and comparative advantage?
An ambitious victory condition for synthesis screening
To assess the biorisk reduction we can get from robust synthesis screening, we first defined what success looks like.
Using our metrics for tracking progress – the global prevalence and quality of synthesis screening – we stipulated what it’d look like to achieve victory by 2030: more than 80% of mail-order providers and benchtop manufacturers globally are screening sequences >50 nucleotides, and more than 90% of companies that screen correctly identify a non-obvious sequence of concern in a realistic red-teaming scenario.
To be clear, this is incredibly ambitious. But we’re encouraged by recent policy developments in the US, EU, UK, and elsewhere, with several legislative proposals to ensure high-quality biosecurity screening across crucial biotechnology jurisdictions. This year, Lawmakers have concrete opportunities to deliver some of the biggest policy wins for biotech governance in a decade.
Beyond the policy developments, we have made significant progress in developing free screening tools, advancing the science of biosecurity screening, and building a growing community of dedicated colleagues working on this full-time. As we seize this momentum, it will soon be far harder for bad actors to obtain synthetic DNA.
What we learned about synthesis screening
Next, we worked with a team of biosecurity experts to model the probability that malicious non-state actors would acquire synthetic DNA under our stated victory condition.
The honest answer is that reaching our win condition won’t make it impossible for bad actors to acquire synthetic DNA. But we can close the easiest and cheapest pathways for buying DNA that exist today, such as ordering gene-length DNA from providers that don’t screen at all, making it meaningfully harder for anyone to weaponize biology.
The question we’re asked the most (by far!) when presenting this work is why it’s sufficient that only 80% of providers screen. A key insight from our modelling is that securing synthetic DNA isn’t just about denying orders outright. Screening can also deter bad actors from buying synthetic DNA in the first place, and it creates opportunities for law enforcement to detect and intercept attacks before they unfold.
The deterrent effect is especially powerful if bad actors can’t easily tell which providers screen and which don’t. When we achieve a system where illegitimately ordering hazardous DNA carries a real risk of law enforcement intervening, fewer malicious actors will try in the first place, reducing the number of illicit attempts our screening systems need to detect. At Sentinel, we’ve historically invested less in deterrence and law enforcement, so we’re using this quarter to develop a strategy and explore grants in these areas.
At the same time, we’re tirelessly investigating key cruxes around the feasibility of reaching our victory condition by 2030. For example, we’re conducting a study on the difficulty of assembling shorter DNA fragments into viral genomes, helping us understand the significance of securing access to short oligonucleotides. Given the decentralized nature of the oligo market and the proliferation of benchtop synthesizers, establishing access controls for short oligos would entail a substantial update to our strategy and the feasibility of achieving our victory condition.
Some of our strategic cruxes remain unresolved, and we’re working hard to make progress on them over the coming months. We may have to update our strategy along the way, but we’re committed to going where the evidence leads us.
Since there are many other interventions in biosecurity we could spend our finite time and resources on, we keep coming back to a simple gut check: would we be willing to commit many years of our lives to this one cause, given the opportunity cost?
Today, both of us can answer this with a clear yes.
What we learned about other physical chokepoints
There are two reasons we explored physical chokepoints beyond synthesis screening. First, while synthesis screening will be critical for preventing bioterrorism, it won’t be sufficient to reduce risks to an acceptable level. Second, other physical chokepoints seem to receive comparatively little attention. RAND released an excellent report on physical access controls and monitoring last year, but beyond that, public work on the topic is sparse.
We commissioned a leading biosecurity consultancy and assembled a dedicated in-house team of researchers – Alex Norman, Dana Gretton, and Reed Trende – to investigate alternative biotech access controls, including materials, reagents, equipment, and services like contract research organizations or cloud labs.
After evaluating over 200 alternative chokepoints, from lab equipment like biosafety cabinets to biological reagents like cell culture media, we concluded that nothing stands out as clearly superior to synthetic DNA. This comes down to three factors. First, most pathways to human-caused pandemic-level harm involve synthetic nucleic acids. Second, DNA sequences have a much stronger signal-to-noise ratio for inferring intent than common lab items like pipettes. Finally, gene-length DNA remains a hard-to-commodify product — unlike, say, home-made explosives, which can be manufactured with limited resources and expertise.
We also noticed a fundamental tension when evaluating other chokepoints: the more pathogen-agnostic the control, the worse the signal-to-noise ratio tends to be. Controls on liquid nitrogen delivery or biosafety cabinets may be useful, but they would also burden a majority of legitimate biology labs. Pathogen-specific controls, on the other hand, offer a clearer signal: some cell lines, for instance, are used almost exclusively for working with a small number of viruses. However, controls on these high-signal materials can often be circumvented by simply switching to a different pathogen. The challenge is finding the right balance between robustness and specificity — chokepoints that are relatively threat-agnostic but tractable enough to govern without imposing disproportionate costs on legitimate research.
We identified two chokepoints that could be exceptionally promising complements to nucleic acid synthesis security:
- Live pathogen repositories, a commercial acquisition pathway for bacteria and viruses.
- Contract research organizations (CROs) and, to a lesser extent, cloud labs, which may allow non-experts to outsource the physical lab work.
While improving know-your-customer (KYC) controls to deny access to these chokepoints is an important first step, it won’t be enough on its own. Building on work by RAND and MITRE, we also recommend monitoring access, not just restricting it. A suspicious activity reporting system that pools data across suppliers and products could flag patterns that individual checks would miss.
Looking ahead
For now, we expect to remain focused on achieving our victory condition for nucleic acid synthesis security as quickly and robustly as possible. Our analysis suggests that this is an unusually effective chokepoint for preventing misuse; we have strong momentum and comparative advantages in this space, and we’re firm believers in the power of focus and doubling down.
However, we see tremendous value in others picking up the baton in other areas, understanding and securing other promising chokepoints such as pathogen repositories, CROs, and cloud labs. We also know that future biotech will look very different, and we’ll need dedicated efforts to track, forecast, and understand developments that will shift the risk landscape.
If you’re reading this and feel drawn to any of these problems, we’d be happy to share more of our work on these topics – please fill out this form, and we’ll get in touch about sharing our internal reports.
Closing thoughts
We’ve been heartened by the process of conducting this research and the responses to it. Many colleagues generously shared their time and expertise to help us learn and update our views on these questions. We’re grateful to be part of a community that shares our commitment to generating rigorous evidence and following where it leads, and we hope this work proves as useful to others as their insights have been to us.
We’re particularly grateful to Rocco Casagrande, Courtney McMahon, Dana Gretton, Alex Norman, and Reed Trende, who contributed substantial parts of the research. We also thank Henry Willis, Alex Kleinman, Andrew Snyder-Beattie, Damon Binder, Forrest Crawford, Kevin Esvelt, Jolien Sweere, Bhuvana Sudarshan, Lee Wall, Sriharshita (Harshu) Musunuri, Joe Torres, and Richard Bruns for helpful feedback and discussions. Any errors remain our own.
