OpenAI building cyber tool

OpenAI is reportedly building a cybersecurity product that it does not plan to put on the open market, and Axios says the first users would be a small set of partners instead of the public. That is a sharp break from the usual pattern where new artificial intelligence tools show up first as chatbots or developer application programming interfaces. (axios.com) The timing is not random. Two days earlier, Anthropic announced Claude Mythos Preview, a separate model it said would be used only by a consortium of major companies for defensive security work under a program called Project Glasswing. (anthropic.com, techcrunch.com) Cybersecurity models are built to do the digital version of walking around a building and testing every door, window, and fire exit. In software, that means reading code, spotting weak points, and sometimes showing how an attacker could chain small bugs into a real break-in. (anthropic.com, businessinsider.com) That is useful for defenders because the same skill that finds a flaw before a criminal does can also help explain how to fix it. It is dangerous for the same reason: a model that can map the holes in a network can also hand an intruder a shortcut. (openai.com, businessinsider.com) OpenAI has already said cybersecurity is one of the frontier risks it tracks in its Preparedness Framework, alongside biological and chemical risks, persuasion, and autonomy. That framework says models should be evaluated before deployment and that stronger safeguards are required as capability rises. (openai.com) So the new product looks less like a side project and more like a sign that the companies making the strongest models now think some abilities belong behind a gate. Axios reports that OpenAI sees this as a distinct offering rather than just another version of its consumer models. (axios.com) Anthropic’s rollout shows what that gate can look like in practice. Project Glasswing launched with partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks. (anthropic.com) That partner list tells you who these tools are for: companies that run cloud systems, chips, banking networks, and security software used by millions of people. A model that can find vulnerabilities faster is most valuable when pointed at the plumbing of the internet, not at a single laptop. (anthropic.com) It also hints at where the market is going. TechCrunch reported that Anthropic kept Mythos to a small group of high-profile organizations, and Axios says OpenAI is preparing a similar limited release, which suggests the next competition between model makers may happen inside private enterprise programs before it reaches consumers. (techcrunch.com, axios.com) The unresolved question is whether these systems stay mostly defensive or become too capable to separate defense from offense in any clean way. OpenAI’s own framework defines severe harm in part as thousands of deaths or hundreds of billions of dollars in economic damage, which is the scale the labs now say they are planning around. (openai.com)