OpenAI's cyber model

OpenAI has started rolling out GPT-5.4-Cyber, a version of its flagship model tuned for defensive cybersecurity and limited to vetted users. (openai.com) The company said on April 14 that GPT-5.4-Cyber will go first to vetted security vendors, organizations, and researchers through its Trusted Access for Cyber program. Reuters reported the release came one week after Anthropic announced its own restricted cyber model, Claude Mythos Preview, on April 7. (reuters.com) In plain terms, these systems are built to help defenders inspect code, test software, and find weaknesses before criminals or spies do. OpenAI said GPT-5.4-Cyber is trained to be more “cyber-permissive,” meaning it allows more detailed vulnerability research than its standard models for users who clear higher verification tiers. (openai.com) OpenAI said it is expanding Trusted Access for Cyber to thousands of verified individual defenders and hundreds of teams that protect critical software. Axios reported the company is pairing that expansion with tiered access controls that decide which users can reach more capable cyber features. (openai.com) (axios.com) The access system relies on “know your customer” identity checks and stronger verification for higher-risk capabilities, according to OpenAI. Reuters reported that users approved for the highest tier get GPT-5.4-Cyber, which has fewer restrictions on tasks such as vulnerability research and analysis. (openai.com) (reuters.com) The timing reflects a fast shift in how leading artificial intelligence labs are handling cyber tools. Anthropic said its Project Glasswing is giving Claude Mythos Preview to 12 launch partners including Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks, while extending access to more than 40 additional organizations. (anthropic.com) Anthropic said Project Glasswing includes up to $100 million in usage credits and $4 million in donations to open-source security groups. Reuters reported Anthropic has said Mythos found “thousands” of major vulnerabilities in operating systems, web browsers, and other software. (anthropic.com) (reuters.com) OpenAI is taking a different route on distribution. Axios reported the company is shifting from broad model restrictions toward tighter controls on who gets access, while OpenAI said it wants advanced defensive tools available to legitimate actors “large and small,” including teams protecting critical infrastructure and public services. (axios.com) (openai.com) OpenAI framed GPT-5.4-Cyber as preparation for stronger systems still to come. In its April 14 post, the company said it is building these access rules and safeguards “in preparation for increasingly more capable models” expected over the next few months. (openai.com)