OpenAI limits GPT‑5.5‑Cyber preview to vetted cybersecurity teams

Cybersecurity models are starting to split into two categories. There’s the broadly available model most people get, and then there’s the more permissive version that only t(openai.com) is rolling out GPT‑5.5‑Cyber in limited preview to teams responsible for securing critical infrastructure, instead of releasing it as a normal public model. (openai.com)It’s a cybersecurity-tuned variant of GPT‑5.5, the general model OpenAI released on April 23. The company is framing it less as a giant leap in raw intelli(openai.com)sier by loosening some automated refusals for approved defenders. (openai.com) ### Why not just give everyone the model? Because cyber prompts are messy. “Find the bug in this code” can mean patch my software — or help me break into someone else’s. OpenAI’s whole Trusted Access for Cyber program exists to handle that ambiguity. The model can be more helpful for legitim(openai.com)he lower-friction version. (openai.com) ### What can approved teams do with it? OpenAI says vetted users can get lower classifier-based refusals for vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering, and patch validation. In(openai.com)out the exact tasks blue teams, incident responders, and product security groups actually do every day. (openai.com) ### What still stays blocked? The catch is that “more permissive” does not mean open season. OpenAI says safeguards still block requests tied to credential theft, stealth, persistence, malware deployment, or exploit(openai.com)nsive depth from offensive abuse — basically, let defenders inspect the lock without handing out lockpicks. (openai.com) ### Who gets access first? Not ordinary ChatGPT users. OpenAI says the preview is for defenders securing critical infrastructure, and Politico reported the company also briefed White House officials, the Commerce Departme(openai.com)s before rollout. That tells you this is being treated as a national-security-adjacent release, not just a product launch. (openai.com) ### What extra controls come with access? OpenAI is attaching operational rules to capability. Members using its most cyber-capable, permissive models will have to enable Advanced Account(openai.com)or increased access. That matters because the risk is not only model misuse — it’s also someone stealing a defender’s account and inheriting the model’s permissions. (openai.com) ### Why is this showing up now? OpenAI has been building toward this all year. It launched Trusted Access for Cyber in February, expanded it in April with GPT‑5.4‑Cyber, and is n(openai.com)pattern is clear — capability rises, then governance and access controls get more granular. (openai.com) ### Why does this matter beyond security teams? Because this is probably what frontier AI distribution looks like next. Not one model, one price, one policy — but risk-tiered routing, identity checks, and different permissions for different users. In cyber first, because th(openai.com)read to biology, autonomy, and other high-stakes domains. (openai.com) ### Bottom line? OpenAI didn’t just ship a cyber model. It shipped a template for how dangerous-but-useful AI may get sold — stronger help for vetted teams, tighter gates for everyone else. (openai.com)