OpenAI Rolls Out GPT-5.5-Cyber to Vetted Security Teams — Mirroring the Approach It Once Criticized
Overview
OpenAI began a limited rollout of GPT-5.5-Cyber on May 7, offering its cybersecurity-specialized model to vetted security professionals roughly a month after Anthropic debuted Claude Mythos to similar controversy.
Trusted Access for Cyber
The program extends access to "thousands of verified individual defenders and hundreds of teams responsible for defending critical software." Approved users receive lower classifier-based refusals on security workflows, enabling:
- Vulnerability identification and triage
- Malware analysis
- Binary reverse engineering
- Detection engineering
- Patch validation
Safeguards continue to block credential theft, stealth and persistence techniques, malware deployment, and exploitation of third-party systems.
Mandatory Security Upgrade in June
Beginning June 1, 2026, individual users accessing the most permissive cyber-capable models will be required to enable Advanced Account Security.
The Irony
OpenAI initially criticized Anthropic's decision to restrict Mythos access, suggesting it could disadvantage legitimate defenders. The company now applies essentially the same gating model. OpenAI frames the shift as moving from "restricting what models can do" to "verifying who gets access" — a philosophical distinction that produces the same access-control outcome in practice.
Source: CNBC Full Report
Related Articles
OpenAI’s Deployment Simulation matters because it turns safety review into a measurable pre-release forecast. The study used about 1.3 million de-identified conversations and reported a 1.5x median multiplicative error on GPT-5-series risk estimates.
The bottleneck in AI security is shifting from finding bugs to landing fixes. OpenAI says GPT-5.5-Cyber reached 85.6% on CyberGym, while Codex Security has scanned more than 30,000 codebases.
OpenAI’s GPT-5.6 preview is as much about release control as model capability. Sol claims Terminal-Bench 2.1 SOTA, competitive ExploitBench results using about one-third the output tokens of Mythos Preview, and first access limited to trusted partners shared with the U.S. government.