OpenAI launches GPT‑5.4‑Cyber

OpenAI on April 14 said it is releasing GPT‑5.4‑Cyber, a version of its flagship model tuned for defensive cybersecurity and limited to vetted users. (openai.com) The company said access will run through an expanded Trusted Access for Cyber program that now covers “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. Reuters reported the rollout as a restricted release rather than a general product launch. (openai.com) (reuters.com) OpenAI described the new model as a “cyber-permissive” variant of GPT‑5.4, meaning it is tuned to help with defensive security work that broader public models often refuse because the same knowledge can be misused. The base GPT‑5.4 model was introduced on March 5 with coding, tool use and a context window of about 1 million tokens. (openai.com 1) (openai.com 2) Cybersecurity here means finding and fixing weaknesses in software before attackers exploit them. OpenAI said GPT‑5.4‑Cyber is aimed at tasks such as vulnerability discovery, malware analysis and reverse engineering for defenders, while its access rules are meant to keep those capabilities away from unverified users. (openai.com) (infosecurity-magazine.com) The timing follows a shift in how leading artificial intelligence labs are handling security-capable models. On April 7, Anthropic announced Claude Mythos Preview and said its cybersecurity strength came from broader gains in coding and software understanding. (anthropic.com 1) (anthropic.com 2) Anthropic paired that release with Project Glasswing, a program focused on securing critical software, and described Mythos 2 Preview as strong enough at finding and exploiting vulnerabilities to surpass most humans. Reuters and other outlets cast OpenAI’s move as a direct answer one week later. (anthropic.com) (reuters.com) OpenAI said it has been building toward this release for years and tied the rollout to a cybersecurity grant program and to what it called “iterative deployment,” releasing stronger systems in narrower settings first. The company also said more capable models are expected “over the next few months,” which it cited as a reason to scale restricted access now. (openai.com) The safeguards are not new in name, but OpenAI says they are new in degree. Its March system card for GPT‑5.4 Thinking said that model was the first general-purpose system in the GPT‑5 line to include mitigations for “High capability in Cybersecurity,” and the new cyber variant adds tighter identity checks and use restrictions on top. (openai.com 1) (openai.com 2) That leaves the industry with a narrower question than whether these models can write code. The question now is which defenders get access first, under what verification rules, and whether those guardrails hold as labs release more powerful systems into security work. (openai.com) (anthropic.com)