OpenAI gates cyber model

OpenAI on April 14 introduced GPT-5.4-Cyber, a version of its flagship model built for defensive cybersecurity work and kept behind a vetted-access program. (openai.com) The company said the model is being released first to vetted security vendors, organizations, and researchers because it is more permissive on sensitive tasks such as vulnerability research and analysis. Reuters reported the rollout came one week after Anthropic announced its own restricted cyber model on April 7. (money.usnews.com) Cybersecurity models are designed to help defenders find software flaws before criminals do, much like a building inspector looking for weak locks and broken alarms. OpenAI said GPT-5.4-Cyber is fine-tuned to support those defensive jobs while the company tightens identity checks and other safeguards around who can use it. (openai.com) OpenAI said it is expanding its Trusted Access for Cyber program to thousands of verified individual defenders and hundreds of teams that protect critical software. The company also said higher verification tiers will unlock stronger capabilities, with the top tier getting access to GPT-5.4-Cyber. (openai.com) That marks a shift from the usual pattern of putting a new model into broad commercial products and then adding guardrails around abuse. In this case, OpenAI is pairing a more capable cyber system with identity verification, limited distribution, and staged deployment from the start. (openai.com) Anthropic took a similar approach on April 7 when it said Claude Mythos Preview would go only to a select group of companies through Project Glasswing. CNBC reported Anthropic named Apple, Google, Microsoft, Nvidia, Amazon Web Services, CrowdStrike, and Palo Alto Networks among the initial participants. (cnbc.com) Anthropic said Mythos had found “thousands” of major vulnerabilities in operating systems, web browsers, and other software, a claim Reuters cited when describing the competitive pressure on OpenAI’s launch. OpenAI did not make a comparable public claim about GPT-5.4-Cyber’s results in the materials it released on April 14. (money.usnews.com) (openai.com) OpenAI said it has been building toward this since 2023, when it started a Cybersecurity Grant Program, and that it began adding cyber-specific safeguards to model deployments in 2025. It also pointed to a separate product, Codex Security, launched earlier in 2026 to help organizations identify and fix vulnerabilities at scale. (openai.com) The immediate test is whether companies can widen access to these systems faster than attackers can copy their methods. For now, both OpenAI and Anthropic are treating advanced cyber models less like a public chatbot launch and more like controlled security equipment. (openai.com) (cnbc.com)