OpenAI rolls out cyber model

OpenAI has started a limited rollout of GPT-5.4-Cyber, a version of its flagship model tuned for defensive cybersecurity work. (openai.com) Cybersecurity work often starts with finding software flaws before attackers do, then helping engineers patch them. OpenAI said GPT-5.4-Cyber is “cyber-permissive,” meaning it is tuned to be less restrictive for vetted defenders doing that kind of work. (openai.com) The company announced the release on April 14, 2026, and said access is being expanded through its Trusted Access for Cyber program. OpenAI said the program is moving from a smaller pool to “thousands” of verified individual defenders and “hundreds” of teams that protect critical software. (openai.com) Bloomberg reported the first wave is going to a select group of users rather than the general public. The outlet said OpenAI plans to start with hundreds of users and expand to thousands within weeks. (bloomberg.com) OpenAI is not offering GPT-5.4-Cyber as a standard ChatGPT button. Reuters and Bloomberg both reported the model is being provided outside ChatGPT to selected security vendors, researchers and in-house security teams. (reuters.com) (bloomberg.com) The timing follows a similar move by Anthropic one week earlier. Bloomberg reported on April 7 that Anthropic limited access to its Mythos model to major technology companies and partners including Amazon, Apple, Microsoft and Cisco. (bloomberg.com) That scramble reflects a shift in how frontier artificial intelligence companies are handling cyber tools. Instead of broad consumer launches, they are increasingly testing stronger systems with screened users who can probe defenses without immediately widening misuse risks. (openai.com) (bloomberg.com) OpenAI tied the release to “increasingly more capable models” it expects to ship over the next few months. The company said the cyber program is meant to strengthen safeguards and support the broader security ecosystem before those more capable systems arrive. (openai.com) GPT-5.4-Cyber is built on GPT-5.4, which OpenAI introduced on March 5, 2026 as its main model for professional work. In that launch, OpenAI said GPT-5.4 supports up to 1 million tokens of context and has strong coding and computer-use abilities, which are relevant to software security tasks. (openai.com) The immediate test is whether a restricted rollout can help defenders find and fix bugs faster without handing the same capabilities to attackers at consumer scale. For now, OpenAI is betting that vetted access, not mass release, is the safer way to put a cyber model into use. (openai.com) (reuters.com)