When investors talk about “AI in defense,” it’s easy to default to the Hollywood version: a breakthrough model, a smarter drone, a dramatic leap in capability. The real shift is less cinematic and more industrial. Defense is increasingly trying to buy affordable mass large numbers of “good enough” unmanned systems then use autonomy to compress the observe–decide–act loop so that quantity becomes a form of quality. That’s the Replicator logic in one line: speed and scale, not exquisite one-offs.

The timing matters because the macro budget backdrop is firming up. NATO’s Hague Summit Declaration hard-coded a 5% of GDP commitment by 2035, with at least 3.5% for core defense requirements plus 1.5% for related spending, and it explicitly calls for annual plans to show a credible path. Globally, IISS estimates 2025 defense spending reached $2.63 trillion, up from $2.48 trillion in 2024 an important “base rate” tailwind even before you argue about who wins share.

From that foundation, the investable question becomes surprisingly practical: who can actually manufacture, integrate, and field autonomy at scale and who sits in the “new munitions” categories that will be consumed continuously (counter-drone) rather than bought once per decade (airframes)?

The second structural shift is architectural: open systems and the decoupling of software from hardware. The U.S. Air Force is now explicitly validating a modular open-systems approach for Collaborative Combat Aircraft (CCA), with the stated goal of rapidly integrating best-of-breed tech from any vendor and avoiding “vendor lock.” This matters because it changes where value can accrue. In a closed ecosystem, primes capture most of the economics. In an open architecture, the mission systems, autonomy software, avionics, test/verification, and integration layer can gain pricing power if they become “plug-and-play” in a government-owned reference framework.

Europe is pushing on a different lever: industrial policy. SAFE (Security Action for Europe) is designed to provide up to €150 billion in loans to accelerate defense investment through common procurement, explicitly framed around strengthening Europe’s defense industrial base and scaling production. The Commission’s Readiness Roadmap 2030 also sketches “flagship” projects like a European Drone Defence Initiative and Eastern Flank Watch more signals that procurement is being tied to capacity-building, not just buying.

That’s why “Europe is rearming” is an incomplete statement. The more precise version is: Europe is trying to rearm in a way that forces domestic scale and joint buying, and that tends to favor local primes plus the electronics/sensors/drone ecosystem clustered around them.

Where this becomes urgent and where timelines compress is counter-drone (C-UAS). Drone proliferation makes C-UAS feel less like a niche and more like a new class of consumable capability, with a recurring “detect–decide–defeat” loop: radar/EO-IR/RF sensing, AI-enabled fusion and identification, then EW or kinetic effectors. The EU’s Drone & Counter-Drone Action Plan is basically a policy acknowledgment that this category needs coordinated standards, preparedness, detection, and response at scale.

The investor implication is subtle but important: you don’t win C-UAS by selling one component in isolation. You win by being the system house or by owning a component so critical (or so hard to integrate) that the system house can’t avoid you.

1) “Loyal wingman” / attritable UAS + mission autonomy software
If CCA-style programs keep pushing modular integration, the prize is not only the “flying truck,” but the autonomy and mission systems layer that can be onboarded, validated, and iterated quickly. The best setups tend to be companies that either (a) deliver producible platforms and can pass integration hurdles, or (b) sit in the mission systems / autonomy software / integration testing ecosystem that becomes the “repeatable” layer across multiple platforms.

2) C-UAS as a scaled kill chain (sensing → decision → effect)
The demand driver is immediate and tactical: drones are cheap, numerous, and evolving. That pushes militaries toward layered C-UAS EW plus kinetic, cueing plus fusion, plus shorter procurement cycles. The EU’s action plan reinforces that procurement will increasingly favor integrated solutions and rapid production ramp-up.

3) Europe’s joint procurement + domestic production flywheel
SAFE and the Roadmap are essentially a demand visibility mechanism: they don’t eliminate politics, but they reduce the “will they / won’t they” uncertainty for capacity investment. SAFE is explicitly about financing urgent, large-scale procurement to ensure European industry can deliver in time.

1) Human control / ethics / regulation as a real brake (especially lethal autonomy)
The CCW GGE on LAWS is meeting again in 2026, and the governance conversation isn’t going away. UNIDIR and related work keep flagging failure modes like automation bias and escalation risk exactly the types of concerns that can show up as contract clauses, export limits, and “guardrails” requirements that reshape product roadmaps.

2) Supply chain and production scaling risk
“Affordable mass” is a manufacturing thesis. If production can’t ramp, unit costs rise, delivery slips, and the whole concept degrades into boutique procurement. Europe’s push to “invest together” is itself an admission that scale is the bottleneck.

3) Budget politics and priority conflicts
Even with a bigger top line, defense ministries still choose between conventional stockpiles and high-tech bets. Recent German procurement debate around drones is a reminder that these shifts are politically mediated, not purely operational.

Here’s the part that most defense-AI narratives still underweight: model access is becoming political. It’s not just “which AI is best,” but “which AI is allowed,” under what constraints, on what networks, for which contractors.

Anthropic (Claude) is the clearest flashpoint. In late February 2026, Anthropic publicly stated that the Department of War (as described in U.S. government communications cited by the company) moved to designate Anthropic a “supply chain risk” after negotiations hit an impasse over two requested exceptions: mass domestic surveillance of Americans and fully autonomous weapons. Wired reported that the designation created immediate downstream confusion for contractors, quoting language that “no contractor… may conduct any commercial activity with Anthropic,” highlighting how quickly a model vendor can become a compliance constraint in the defense supply chain. Described a broader federal push to phase out Anthropic technology across agencies after the standoff.

OpenAI sits on the other side of this moment not as “the lab that says yes to everything,” but as the lab that is willing to contract with the Pentagon while publishing “red lines.” OpenAI’s agreement includes layered safeguards and three core prohibitions: mass domestic surveillance, autonomous weapon targeting, and critical automated decision-making. That’s the key nuance investors should internalize: the market is not moving to “no guardrails.” It’s moving to contract-defined guardrails, with a short list of unacceptable uses and a larger zone of permitted defense applications.

Then there’s xAI/Grok. Axios reporting (amplified by other outlets) indicates xAI reached a deal for Grok to be used in classified systems effectively adding a second model into environments where Anthropic was previously the only option. That’s not just incremental revenue; it’s strategic positioning. Once a model is cleared for sensitive workflows, it gains a kind of institutional “legitimacy,” which can spill into contractor ecosystems and adjacent national security programs.

So when you ask, “Did Sam Altman and Elon Musk give a green light to defense use?” the accurate framing is: they are willing to work with defense under explicit constraint sets, while Anthropic is publicly contesting where those constraints should be drawn (and appears to have been penalized for it).

In the near term, OpenAI and xAI plausibly benefit from being “approved vendors” as the Pentagon pushes AI deployment onto classified networks. The Pentagon has been signing AI agreements with multiple labs, each reportedly worth up to $200 million, reflecting a strategy of maintaining flexibility rather than picking a single winner.

But the hidden risk is reflexive: if model access becomes politicized, contractors may be forced to standardize around “allowed” vendors, and those vendors may inherit not just revenue but reputational and legal exposure tied to downstream use. In other words, the upside is not free; it comes with a new kind of tail risk.

If you’re building an investable framework, the cleanest way is to bucket by where the value accumulates.

I’d watch three signal clusters.

First, program signals: Replicator moving from narrative to procurement at scale, and CCA open architecture translating into real third-party software onboarding, not just press releases.

Second, Europe signals: SAFE loan utilization and the degree to which “joint procurement” becomes real contract flow (and not only policy language), plus whether drone/counter-drone plans turn into funded programs.

Third, guardrails signals: contract language, enforcement mechanisms, and vendor eligibility in classified environments because the Anthropic episode shows this can flip quickly and cascade into contractor compliance overnight.

If 2026 ends up being the “agent year” in defense, it won’t be because AI got smarter in the abstract. It will be because production, integration, governance, and political legitimacy started moving in the same direction at the same time and that’s the combination that creates durable spending categories rather than one-off pilot budgets.