OpenAI grants EU access to GPT-5.5

Cybersecurity is the domain here, but the real story is control. Frontier AI labs now have models that can help find software flaws, analyze malware, and speed up defensive work — and Europe does not want to be locked out while U.S. companies decide who gets access. That is the gap this week’s move is trying to close. On May 11, OpenAI said it would extend access in Europe to GPT-5.5-Cyber, its more permissive cyber-defense model, for vetted companies, governments, cyber authorities, and EU institutions. ### What is GPT-5.5-Cyber, exactly? It is not just “the newest model.” OpenAI frames GPT-5.5-Cyber as a specialized version for authorized defensive work — things like vulnerability identification, malware analysis, reverse engineering, detection engineering, and patch validation. The point is lower refusal rates for legitimate security tasks, while still blocking overtly harmful requests like credential theft, stealth, persistence, malware deployment, or attacking third-party systems. (cnbc.com) ### Why is Europe getting special attention? Because Europe has been unusually exposed in this fight. Anthropic’s rival cyber model, Mythos, set off alarm bells in April when European regulators and agencies said they had little or no access to test it, even as selected U.S. partners did. That turned a technical product launch into a sovereignty issue — if the best cyber tools sit behind private U.S. gatekeepers, Europe’s defenders can end up waiting in line. (openai.com) ### Who actually gets access? Not the general public, and not even most developers. OpenAI is routing this through its Trusted Access for Cyber program, which vets defenders before granting more permissive use. The company said European partners can include businesses, governments, cyber authorities, and institutions such as the EU AI Office. Reporting around the rollout also named Deutsche Telekom and BBVA among the early corporate recipients. (politico.eu) ### Why does the vetting matter so much? Because this is the hard version of the AI safety problem. A model that helps a defender find a vulnerability can also help an attacker find the same weakness faster. The difference is not the raw capability — it is who gets the model, under what controls, and with what logging and identity checks. OpenAI’s answer is basically gated access plus stronger account security, including a requirement that users of its most permissive cyber models enable Advanced Account Security starting June 1, 2026. (cnbc.com) ### Is this broader than one model launch? Yes — much broader. OpenAI tied the rollout to an EU Cyber Action Plan and to a wider push it calls democratizing AI-powered defense. The company’s pitch is that cyber resilience should not depend on a tiny club of insiders. That is a direct contrast with the more selective way Anthropic handled Mythos, where Europe spent weeks trying to secure meaningful preview access. (openai.com) ### So is OpenAI being more open than Anthropic? In Europe, yes, at least for now. Anthropic limited Mythos to a relatively small set of partners and had not reached the same stage of access talks with the European Commission by May 11. OpenAI used that opening to position itself as the lab willing to bring EU institutions into the room earlier. That does not make the model “open” in the usual sense — it is still tightly controlled — but it does shift the politics. (cnbc.com) ### What changes next? The immediate change is practical — more European defenders can test advanced AI inside real security workflows instead of debating it from the outside. The bigger change is strategic. Frontier labs are no longer just shipping chatbots; they are becoming chokepoints for national and corporate cyber capability. Europe is signaling that if these tools are going to shape public safety, it wants access before the rules harden around someone else’s priorities. (cnbc.com) ### Bottom line? This is less about one model than about who gets to defend with frontier AI first. OpenAI just gave Europe a clearer path in. (cnbc.com)