OpenAI narrows GPT access

OpenAI is keeping its new cybersecurity model out of a broad public release and giving it first to vetted defenders. (nytimes.com) The model, called GPT-5.4-Cyber, was announced Tuesday, April 14, and OpenAI said it is a fine-tuned version of GPT-5.4 built for defensive cybersecurity work. Reuters reported the first users will be vetted security vendors, organizations, and researchers because the system is more permissive on sensitive cyber tasks. (openai.com) (money.usnews.com) OpenAI is routing access through its Trusted Access for Cyber program, which the company introduced in February 2026 and is now expanding to thousands of verified individual defenders and hundreds of teams that protect critical software. Reuters said the new version adds verification tiers, and the highest tier unlocks GPT-5.4-Cyber. (openai.com 1) (openai.com 2) (money.usnews.com) Cybersecurity models are built to help defenders find weak spots in software before attackers do, which can mean spotting bugs, analyzing malicious code, or testing how a system might fail. OpenAI said newer models can also help attackers, so it is tying broader capability to identity checks, know-your-customer screening, and staged deployment. (openai.com) The timing follows a sharper turn across the artificial intelligence industry. On April 7, Anthropic said it would keep Claude Mythos Preview inside a controlled program called Project Glasswing for select organizations doing defensive security work. (anthropic.com) (money.usnews.com) Anthropic said more than 40 additional organizations that build or maintain critical software infrastructure would get access through Project Glasswing, alongside launch partners including Amazon Web Services, Apple, Google, Microsoft, Nvidia, and Palo Alto Networks. That put pressure on OpenAI to explain how it would handle similar cyber capabilities in its own frontier models. (anthropic.com 1) (anthropic.com 2) OpenAI said it has been building toward this since 2023 through its Cybersecurity Grant Program and added cyber-specific safeguards to model deployments in 2025. In February 2026, the company paired Trusted Access for Cyber with a $10 million commitment in application programming interface credits for defensive work. (openai.com 1) (openai.com 2) The company’s pitch is that access should widen over time, but only with stronger checks on who is using the tools and for what purpose. For now, the opening move is narrower: powerful cyber help for trusted users, not for everyone with a chatbot account. (openai.com) (nytimes.com)