OpenAI limits GPT‑5.5 Cyber to vetted critical‑infrastructure and security partners

Cybersecurity is turning into one of the first places where frontier AI gets gated on purpose. Not because the models are weak, but because they may be too useful on both sides of the fight. That is the gap this story sits in — defenders want machine-speed help finding bugs, but the same capability can help attackers chain exploits faster. OpenAI’s answer, at least for now, is GPT‑5.5‑Cyber, a restricted rollout aimed at trusted defenders rather than the public. (theregister.com) ### What is GPT‑5.5‑Cyber, exactly? It looks less like a totally separate product and more like a cyber-specialized deployment of OpenAI’s newest flagship family. GPT‑5.5 itself launched on April 23, 2026, with stronger coding, tool use, and cyber-related safeguards than earlier versions. OpenAI had already said it was fine-tuning cyber-permissive variant(theregister.com)‑Cyber is the next step in that same line. (openai.com) ### Why isn’t this going public? Because cyber models are unusually dual-use. A system that can help a blue team find and patch vulnerabilities can also help a red team discover where to break in. Altman’s public line was blunt: OpenAI plans to give access first to “critical cyber defenders,” then work with the broader ecosystem and government on “trusted access for cyber.” That wording matt(openai.com)t just a product launch. (theregister.com) ### Who counts as a “trusted defender”? OpenAI has been building that funnel for a while. On April 14, it said the Trusted Access for Cyber program was expanding to thousands of verified individual defenders and hundreds of teams responsible for defending critical software, with strong identity verification and clear criteria for advanced access. Basicall(theregister.com) a wide-open release on the other. (openai.com) ### Why does Anthropic keep showing up in this story? Because Anthropic got here first with Mythos, and that changed the policy mood. Mythos was introduced as a cyber-focused model and tested through a small coalition called Project Glasswing. That model became a flashpoint almost immediately, with White House meetings, agency interest, and arguments over how broadly suc(openai.com)an acknowledgment that the rules of release have changed. (nextgov.com) ### What changed in Washington? The White House has been actively discussing how agencies should use frontier cyber models. Meetings in late April included concerns about advanced hacking capabilities, and separate draft guidance was being prepared around possible federal use of Anthropic tools, including Mytho(nextgov.com) systems are defensive infrastructure or strategic risk. (politico.com) ### Is OpenAI contradicting itself? A little, yes. OpenAI had criticized Anthropic’s tighter control around Mythos, but GPT‑5.5‑Cyber is also being kept behind a velvet rope. The difference OpenAI is trying to draw is process: broader eventual access, but through verification and staged deployment. Whether that distinction holds up depends on how many defenders actually get in, and how fast. (theregister.com) ### Why does this matter beyond one model? Because it points to a new default for high-end cyber AI. Not “ship to everyone and moderate later,” and not “keep it fully internal,” but trusted deployment with red-teaming, identity checks, and government coordination. If that pattern sticks, the winners in this market may not just be the labs with the smartes(theregister.com)openai.com) ### Bottom line GPT‑5.5‑Cyber is not just another model SKU. It is OpenAI signaling that the most sensitive AI capabilities — especially in cybersecurity — may now launch like controlled infrastructure, not consumer software. (theregister.com)