OpenAI opens cyber access

OpenAI has opened a gated path for more cybersecurity professionals to use a defense-tuned version of GPT-5.4, expanding a program it first launched in February. (openai.com) The company said on April 14 that its Trusted Access for Cyber program now covers “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. OpenAI said the new access includes GPT-5.4-Cyber, a variant of GPT-5.4 fine-tuned for defensive cybersecurity work. (openai.com) OpenAI said the expansion adds verification tiers, with higher-trust users getting broader access to sensitive cyber capabilities. The company described the system as identity-based vetting meant to place stronger tools with security teams while limiting misuse. (openai.com) Cybersecurity here means using software to find, analyze, and fix weaknesses before attackers exploit them. OpenAI said its tuned model is meant to help with defensive workflows such as triage, investigation, and securing software, rather than unrestricted offensive use. (openai.com) This follows a policy shift OpenAI began on February 5, when it introduced Trusted Access for Cyber alongside a pledge of $10 million in application programming interface credits for cyber defense. At that point, the company described the program as a pilot for enterprise customers and legitimate defenders. (openai.com; openai.com) The backdrop is that OpenAI’s newer models have crossed a higher internal risk threshold for cyber capability. In its March 5 system card for GPT-5.4, OpenAI said GPT-5.4 Thinking was its first general-purpose model with mitigations for “High” cybersecurity capability. (openai.com) OpenAI has been signaling that trend for months. In a December 2025 post, the company said performance on capture-the-flag security tests had risen from 27% on GPT-5 in August 2025 to 76% on GPT-5.1-Codex-Max in November 2025, and said it was preparing as if future models could also reach “High” cyber capability. (openai.com) The company’s developer documentation says some users who hit cyber safety mitigations can regain access to advanced coding models by joining Trusted Access, and that OpenAI plans to move over time from account-level checks toward request-level checks in most cases. That points to a narrower gate around the riskiest prompts instead of a blanket block on entire accounts. (developers.openai.com) OpenAI announced the latest expansion in public posts this week as it prepares for what it called “increasingly more capable models” in the coming months. The result is a larger, vetted channel for security professionals who want frontier models for defense without opening the same access to everyone. (openai.com; x.com)