OpenAI launches cyber model

OpenAI has started rolling out GPT-5.4-Cyber, a version of its flagship model tuned for defensive cybersecurity and limited to vetted users. (openai.com) The company said on April 14 it is expanding Trusted Access for Cyber to “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. Reuters reported the first users are security vendors and researchers rather than the general public. (openai.com, reuters.com) Cybersecurity models are built to help defenders do jobs like finding software flaws, analyzing malicious code, and testing systems before attackers hit them. OpenAI said GPT-5.4-Cyber is “cyber-permissive,” meaning it is tuned to answer more defensive security requests than its standard model would allow. (openai.com, openai.com) OpenAI is gating that access through identity checks instead of a broad public launch. Its application pages show separate paths for enterprise teams and individual practitioners, with onboarding tied to defensive-use review and verification. (openai.com, openai.com) The release comes five weeks after OpenAI introduced GPT-5.4 on March 5 as its latest flagship model for professional work, with coding, tool use, and a context window of up to 1 million tokens. In its GPT-5.4 safety documentation, OpenAI said that general-purpose GPT-5.4 was the first model in the series with mitigations for “High capability in Cybersecurity.” (openai.com, openai.com) OpenAI said it is preparing for “increasingly more capable models” over the next few months, and framed the cyber release as part of that safety plan. The company first introduced Trusted Access for Cyber in February and paired the program with a $10 million commitment in application programming interface credits for cyber defense work. (openai.com, openai.com) Early outside reporting said GPT-5.4-Cyber showed stronger results on coding and capture-the-flag style tests, which are timed hacking exercises used to measure how well systems solve security problems. Reuters also reported that OpenAI plans to widen access gradually rather than open it broadly at launch. (reuters.com) The timing also puts OpenAI alongside Anthropic in a new race to ship restricted cyber tools instead of general-release ones. Reuters said Anthropic announced its Mythos model on April 7 under a controlled program called Project Glasswing for defensive cybersecurity use. (reuters.com) For now, the practical change is narrow: OpenAI is not selling GPT-5.4-Cyber as a standard public model, and access depends on passing its trust checks. The next test is whether those vetted users can turn the model into faster bug-finding and incident response without widening the same capabilities for attackers. (openai.com, openai.com, reuters.com)