Frontier AI Goes to Cybersecurity — But Access Is Gated

OpenAI has started rolling out a cybersecurity-tuned model, GPT-5.4-Cyber, to vetted defenders instead of releasing it broadly. (openai.com) The company said on April 14 that it is expanding Trusted Access for Cyber to “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. Bloomberg reported the new model is being offered first to some participants in that program. (openai.com, bloomberg.com) OpenAI said GPT-5.4-Cyber is fine-tuned to be more permissive for defensive security work, including finding flaws in software so organizations can fix them. Axios reported the rollout pairs broader access for verified users with tighter controls on who qualifies. (openai.com, axios.com) Cybersecurity models are built to do a narrow job: read code, spot weaknesses, and help analysts test defenses before attackers do. The same capability can also help a criminal find the same weaknesses faster, which is why model makers are shifting from open release to identity-checked access. (openai.com, bloomberg.com) That shift accelerated this month after Anthropic limited access to Mythos, a model Bloomberg said was released only to a small number of carefully chosen parties because of its hacking potential. Bloomberg also reported that Apple, Amazon, Microsoft and Cisco were among organizations involved in Anthropic’s testing initiative, Project Glasswing. (bloomberg.com, bloomberg.com) OpenAI began this approach on February 5, when it introduced Trusted Access for Cyber and committed $10 million in application programming interface credits for defenders. The company said the program uses identity and trust checks to place stronger cyber capabilities “in the right hands.” (openai.com, openai.com) The company has also been tightening its internal safety rules around cyber-capable systems. OpenAI’s developer documentation says GPT-5.3-Codex was the first model it classified as “High” cybersecurity capability under its Preparedness Framework, triggering extra safeguards and monitoring for suspicious use. (developers.openai.com) Governments and critical industries are already lining up for the gated tools. Bloomberg reported on April 14 that the United States Treasury Department’s technology team was seeking access to Anthropic’s Mythos, and on April 10 that Wall Street banks were beginning internal tests of the model. (bloomberg.com, bloomberg.com) The result is a new release model for frontier artificial intelligence: not public launch first, then guardrails later, but tiered access, background checks, and narrow deployment to security teams. For now, the race in cyber is not about who can ship the widest, but who can decide fastest which users get in. (axios.com, openai.com, bloomberg.com)