OpenAI opens GPT-5.5-Cyber to vetted security researchers

OpenAI released GPT-5.5-Cyber, a specialized model variant designed for authorized security research on critical infrastructure. Unlike standard GPT models, this version rejects fewer security-related requests and actively executes exploits against controlled test environments to help researchers identify vulnerabilities before attackers do.

Access remains tightly restricted to verified security professionals and defenders working at organizations protecting critical systems. OpenAI partnered with major cybersecurity firms including Cisco, CrowdStrike, and Cloudflare to distribute the model to qualified teams. The limited rollout reflects OpenAI's approach to balancing offensive security capabilities with responsible deployment.

The move positions GPT-5.5-Cyber as a direct competitor to Anthropic's Mythos Preview, another specialized model for security testing. Both companies recognize that AI systems can accelerate vulnerability discovery when placed in the hands of defensive teams. The underlying logic follows standard penetration testing practices: authorized professionals with AI assistance can find and patch weaknesses faster than attackers operating independently.

Releasing a model that actively generates working exploits marks a shift in how AI labs approach security disclosure. Rather than blocking such capabilities entirely, OpenAI created guardrails around access rather than capability. This requires trust in vetting processes and user agreements to ensure only legitimate defenders gain access.

The practical value depends entirely on execution. Researchers gain a tool that understands attack patterns, code vulnerabilities, and exploitation techniques at a level matching or exceeding automated scanners. But this same tool could cause serious damage if credentials were compromised or vetting failed. OpenAI's access restrictions and partnership structure suggest the company is betting on selective trust rather than attempting to make the model inherently safe for all uses.

This approach differs markedly from safety-focused competitors who prioritize refusing harmful requests over enabling legitimate security work. OpenAI chose to trust institutions rather than architecture. The