OpenAI expanded its Daybreak security initiative on June 22 with a new specialized model and a program aimed at hardening widely used open-source software.
GPT-5.5-Cyber
GPT-5.5-Cyber is a variant of GPT-5.5 tuned for defensive security work. According to OpenAI, the model “flags plausible vulnerabilities, checks reachability, develops a targeted patch, and verifies the result” — automating steps that previously required significant analyst time. On OpenAI’s own benchmarks, it scored 85.6% on CyberGym and 39.5% on ExploitGym, up from 81.8% and 26.0% for the base GPT-5.5. These figures have not been independently audited.
Access is restricted. Individual users can apply for Trusted Access for Cyber, which requires identity verification and phishing-resistant authentication. The model itself is available only to authorized red teams, penetration testers, and enterprise or government security partners. Most organizations reach it indirectly through one of 28 partner vendors in the Daybreak ecosystem, including CrowdStrike, Sophos, SentinelOne, and Cloudflare.
Patch the Planet
Co-founded with security firm Trail of Bits, Patch the Planet is an open-source vulnerability remediation program covering more than 30 major projects, including cURL, Python, and Go. OpenAI describes a core design principle: “expert human review precedes every finding that reaches a maintainer,” meaning the system filters false positives before anything is flagged to project contributors.
Context
Daybreak launched on May 12, 2026. The June 22 expansion adds GPT-5.5-Cyber, the Codex Security plugin, Patch the Planet, and a 28-organization partner program.
The announcements reflect a broader effort by AI labs to establish a foothold in the cybersecurity market, where AI-powered tools have historically been integrated into existing security vendor platforms rather than offered directly.