OpenAI's cyber model rollout
OpenAI announced GPT‑5.4‑Cyber, a version of its flagship model fine‑tuned for defensive cybersecurity use and released via a tiered, vetted access programme. Initial access targets security vendors, researchers and vetted organisations under a Trusted Access for Cyber scheme, and OpenAI noted routing/fallback behaviour for paid customers in its release notes. (reuters.com) (axios.com) (help.openai.com)
OpenAI on April 14 said it is rolling out GPT-5.4-Cyber, a version of its flagship model tuned for defensive cybersecurity work. (openai.com) The company said the model will not be broadly public at launch. Initial access goes to vetted security vendors, researchers and organizations through higher tiers of OpenAI’s Trusted Access for Cyber program. (reuters.com) Trusted Access for Cyber is OpenAI’s identity-and-trust gate for stronger cyber features. OpenAI introduced the program in February and said on April 14 that it is expanding it to thousands of verified individual defenders and hundreds of teams protecting critical software. (openai.com ) (openai.com) OpenAI said higher verification tiers unlock more capable tools. Reuters reported that users approved for the highest tier will get GPT-5.4-Cyber, which has fewer restrictions on sensitive tasks such as vulnerability research and analysis. (reuters.com) The model is aimed at a narrow job: finding and understanding software flaws before attackers do. OpenAI said it is training models to be more “cyber-permissive” for legitimate defenders as more capable systems arrive in the coming months. (openai.com) The rollout lands one week after Anthropic announced Claude Mythos Preview on April 7 under its own controlled cybersecurity effort, Project Glasswing. Anthropic said select partners can use that unreleased model for defensive work. (reuters.com) (anthropic.com) OpenAI is taking a more tiered approach than a single closed partner list. Axios reported that the company paired the new model with a roadmap for expanding access to advanced cyber systems while tightening controls over who can use them. (axios.com) This push builds on OpenAI’s earlier security products. The company said it has run a Cybersecurity Grant Program since 2023, added cyber-specific safeguards in 2025, and launched Codex Security earlier in 2026 to help find and patch vulnerabilities in code. (openai.com 1) (openai.com 2) The release also comes with a separate product note for paying ChatGPT users. OpenAI’s model release notes say GPT-5.4 mini is used as a fallback for GPT-5.4 Thinking when Plus, Pro and other paid users hit rate limits. (help.openai.com) For now, OpenAI is treating cyber capability as something to widen slowly, not ship everywhere at once. The next test is whether that vetting system can scale as more powerful models move from general chat into security work. (openai.com)
