OpenAI expands Trusted Access for Cyber, opening GPT‑5.5 'Cyber' preview to more partners

Cybersecurity models are getting good enough that the release plan now matters almost as much as the model. That is the real story here. OpenAI did not just ship a stronger system on May 7 — it widened a gated program that lets verified defenders use a more permissive version of GPT‑5.5 for real security work, while trying to keep the same capabilities away from attackers. (openai.com) ### What changed this week? OpenAI expanded its Trusted Access for Cyber program and started a limited preview of GPT‑5.5‑Cyber for vetted cybersecurity teams. The company says the goal is to support defenders responsible for securing critical infrastructure and important software, not to release a general-purpose hacking assistant to everyone. (openai.com)is an identity-and-trust gate wrapped around stronger cyber capability. OpenAI launched TAC in February, then scaled it in April to thousands of verified individual defenders and hundreds of teams. If a person or team gets approved, the model becomes less trigger-happy about refusing legitimate security tasks that ordinary users would still get blocked on. (openai.com) ### What does GPT‑5.5‑Cyber actually do? The short version is that it is tuned to be more useful on defensive security workflows. OpenAI lists vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering, and patch validation as examples. That matters because normal safety filters often block exactly the kinds of technical steps defenders need in order to understand and fix a real threat. (openai.com) ### So is this just “more hacking power”? Not exactly — and that distinction is the whole product strategy. OpenAI says approved users get lower classifier-based refusals for authorized defensive work, while requests that could enable real-world harm are still meant to be restricted. In other words, the company is trying to separate “help me analyze this exploit so I can patch it” from “help me use this exploit on someone.” That is the hard version of the trick. (openai.com) ### Why gate access by identity? Because frontier cyber models are now close enough to dual-use that open release looks riskier. A model that can explain malware, reason through exploit chains, or validate a proof of concept can save defenders time — but the same skills can help an attacker move faster. TAC is OpenAI’s bet that identity checks, organization vetting, and narrower permissions are a better middle path than either full lockdown or open access. (openai.com) ### Why is Anthropic part of this story? Because Anthropic’s Mythos Preview seems to have changed the tempo. Recent reporting says GPT‑5.5 is testing near Mythos Preview on finding and exploiting software bugs, and OpenAI’s rollout lands about a month after Mythos became the model everyone in Washington and Silicon Valley started worrying about. So this is not just a product update — it is a competitive and policy response. (axios.com) ### Who actually gets in? OpenAI’s public materials point to verified cybersecurity professionals, enterprises, and teams doing authorized defensive work. The application flow asks for identity and organizational details, and OpenAI has described different access levels that affect how permissive the model is. The catch is that this still looks selective, not broad self-serve availability. (open([axios.com)at is the bottom line? OpenAI is treating advanced cyber capability less like a normal model launch and more like controlled infrastructure. That is the signal to watch. The company seems to believe the next wave of AI security tools will be too useful to withhold and too risky to release casually — so access, auditing, and trust gates are becoming part of the product itself. (openai.com)