OpenAI rolls out GPT‑5.4‑Cyber
OpenAI unveiled GPT‑5.4‑Cyber, a version of its model fine‑tuned for defensive cybersecurity tasks and released with tiered access for vetted users and teams. Reporting says vetted security professionals can use workflows for reverse engineering, vulnerability analysis and malware analysis under the controlled access model. (reuters.com) (axios.com) (cybersecuritynews.com)
OpenAI on April 14 released GPT‑5.4‑Cyber, a version of its GPT‑5.4 model tuned for defensive cybersecurity work and restricted to vetted users. (openai.com) The company said the model is available through an expanded Trusted Access for Cyber program that now covers thousands of verified individual defenders and hundreds of teams protecting critical software. Reuters reported the rollout came one week after Anthropic announced its own controlled cyber model program. (openai.com) (reuters.com) Cybersecurity work here means tasks like reverse engineering code, analyzing software flaws and examining malware, which is malicious software used to break into or damage systems. OpenAI said GPT‑5.4‑Cyber is “more permissive” for those defensive workflows than its general models, but only inside the controlled access program. (axios.com) (openai.com) The release extends a pattern that has emerged in 2026: frontier model companies are building separate lanes for high-risk cyber research instead of offering the same capabilities to every user. Anthropic announced Claude Mythos on April 7 under a limited “Project Glasswing” program for defensive cybersecurity organizations. (reuters.com) (axios.com) OpenAI tied the move to its broader safety framework for advanced models. The company said it is pairing wider access for trusted defenders with stronger safeguards, evaluations and monitoring as model cyber capabilities improve. (openai.com 1) (openai.com 2) GPT‑5.4‑Cyber is built on GPT‑5.4, which OpenAI introduced on March 5 as its flagship model for professional work. That base model supports up to 1 million tokens of context in the application programming interface and Codex, along with coding, tool use and computer-use features. (openai.com) (developers.openai.com) OpenAI said the cyber version is meant for defenders responsible for securing real systems, not for open public use. Axios reported the company is using tiered access rules, with more capable cyber assistance reserved for users and teams that pass verification and oversight checks. (openai.com) (axios.com) The company is betting that security teams will use the model to find and fix weaknesses faster than attackers can exploit them. For now, OpenAI is keeping that bet inside a gated program rather than releasing GPT‑5.4‑Cyber to everyone. (openai.com) (reuters.com)
