OpenAI Launches Cyber Model

OpenAI has launched GPT-5.4-Cyber, a cybersecurity model it is giving to verified defenders instead of the general public. (openai.com) OpenAI said on April 14 that it is expanding its Trusted Access for Cyber program to “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. The company said customers in its highest access tiers can request GPT-5.4-Cyber. (openai.com) The new system is a variant of GPT-5.4 that OpenAI said was fine-tuned to be “cyber-permissive,” meaning it is more willing to help with legitimate security work such as finding software flaws. OpenAI said it is preparing for “increasingly more capable models” in the next few months and is testing gated access before broader deployment decisions. (openai.com) Cybersecurity models can help defenders inspect code, spot weak points and fix bugs faster, but the same skills can also help attackers. OpenAI said it is using identity checks and know-your-customer verification to decide who can use more advanced cyber capabilities. (openai.com) The timing follows Anthropic’s April 7 launch of Claude Mythos Preview, another restricted model aimed at defensive security work. Anthropic said Mythos would initially go to a select group of companies through Project Glasswing, including Microsoft, Amazon, Apple, CrowdStrike and Palo Alto Networks. (cnbc.com) Anthropic’s technical write-up said Mythos was able to identify and exploit previously unknown software flaws, known as zero-day vulnerabilities, across major operating systems and web browsers during testing. Anthropic said more than 99% of the flaws it found were still unpatched, which is why it withheld most technical details. (anthropic.com) OpenAI is framing its approach differently from Anthropic’s smaller initial partner list. Axios reported that OpenAI is using a tiered access system that opens stronger cyber tools to verified users while still keeping controls on who gets them. (axios.com) OpenAI said this work builds on a cyber defense effort it has been developing since 2023, including a Cybersecurity Grant Program, cyber-specific safeguards added in 2025, and the launch of Codex Security earlier in 2026. The company said its goal is to make advanced defensive tools available to legitimate actors “large and small,” including teams protecting critical infrastructure and public services. (openai.com) For now, the message from both companies is the same: the newest cyber models are being released behind gates first, not pushed straight to everyone. OpenAI said GPT-5.4-Cyber is the first step in a broader plan to scale cyber defense alongside more capable models. (openai.com)