OpenAI's cyber model
OpenAI released GPT‑5.4‑Cyber and is expanding its Trusted Access for Cyber programme to thousands of vetted users for defensive cybersecurity work. The model is being limited to verified defenders as OpenAI scales access, a move that comes days after a similar security‑focused release from Anthropic and highlights competition over semi‑restricted, high‑trust AI deployments (cyberscoop.com) (helpnetsecurity.com) (thenextweb.com) (parameter.io).
OpenAI has started rolling out GPT-5.4-Cyber, a version of GPT-5.4 tuned for defensive security work, to vetted users in its Trusted Access for Cyber program. (openai.com) The company said on April 14 it is expanding that program to “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. OpenAI said GPT-5.4-Cyber is “cyber-permissive,” meaning it is tuned to answer more security questions for approved users than a general model would. (openai.com) Cybersecurity here means finding and fixing software weaknesses before attackers exploit them. OpenAI said the new model is meant for tasks such as vulnerability research, malware analysis, incident response, and secure code review. (helpnetsecurity.com) OpenAI is not opening this model to the public. The company said access is gated by identity checks, trust signals, monitoring, and usage restrictions designed to keep higher-risk cyber capabilities with verified defenders. (openai.com) The release follows a broader shift in how frontier artificial intelligence companies handle cyber tools that can help both defenders and attackers. In its March 5 system card for GPT-5.4 Thinking, OpenAI said GPT-5.4 was its first general-purpose model with mitigations for “High” cybersecurity capability. (openai.com) Anthropic made a similar move one week earlier. On April 7, the company announced Claude Mythos Preview and Project Glasswing, saying it would give selected defenders early access to a model it described as “strikingly capable” at computer security tasks. (anthropic.com 1) (anthropic.com 2) OpenAI is also tying the rollout to a larger ecosystem push. On April 16, it said firms including Bank of America, BlackRock, BNY, Citi, Cisco, CrowdStrike, Goldman Sachs, JPMorgan Chase, Morgan Stanley, NVIDIA, Oracle, SpecterOps, and Zscaler had signed up to support the effort. (openai.com) The company said it has provided GPT-5.4-Cyber access to the United States Center for AI Standards and Innovation and the United Kingdom AI Security Institute for evaluations of the model’s cyber capabilities and safeguards. Those outside reviews are part of OpenAI’s plan to keep expanding access as it learns from real-world use. (openai.com) OpenAI framed the launch as preparation for more capable models in the next few months. For now, its message is that the strongest cyber features will be shared first with named, verified defenders rather than released broadly. (openai.com)
