OpenAI Rolls Out GPT-5.5-Cyber to Vetted Security Teams — Mirroring the Approach It Once Criticized

Overview

OpenAI began a limited rollout of GPT-5.5-Cyber on May 7, offering its cybersecurity-specialized model to vetted security professionals roughly a month after Anthropic debuted Claude Mythos to similar controversy.

Trusted Access for Cyber

The program extends access to "thousands of verified individual defenders and hundreds of teams responsible for defending critical software." Approved users receive lower classifier-based refusals on security workflows, enabling:

• Vulnerability identification and triage
• Malware analysis
• Binary reverse engineering
• Detection engineering
• Patch validation

Safeguards continue to block credential theft, stealth and persistence techniques, malware deployment, and exploitation of third-party systems.

Mandatory Security Upgrade in June

Beginning June 1, 2026, individual users accessing the most permissive cyber-capable models will be required to enable Advanced Account Security.

The Irony

OpenAI initially criticized Anthropic's decision to restrict Mythos access, suggesting it could disadvantage legitimate defenders. The company now applies essentially the same gating model. OpenAI frames the shift as moving from "restricting what models can do" to "verifying who gets access" — a philosophical distinction that produces the same access-control outcome in practice.

Source: CNBC Full Report