OpenAI launches GPT-5.5-Cyber amid tightening AI oversight: a new frontier in cybersecurity

On June 22, OpenAI officially unveiled the full version of its specialized model, GPT-5.5-Cyber, designed to identify, verify, and eliminate vulnerabilities in software. This move is a strategic response to recent events surrounding Anthropic, whose models were restricted following a directive from the U.S. government.
GPT-5.5-Cyber is a key component of the Daybreak program, OpenAI's comprehensive cybersecurity initiative. The model is not intended for mass use and is available exclusively to verified cybersecurity professionals who require advanced capabilities for authorized defensive work.
Context: How the Window of Opportunity Opened
On June 9, Anthropic launched two versions of its Claude models — Fable 5 and Mythos 5. However, by June 12, the developer was forced to disable them after receiving a directive from the U.S. government under export controls. This decision had serious consequences: the company Legion filed a lawsuit against the U.S. government, claiming that losing access to Anthropic's models disrupted its tools for preparing legal documents.
OpenAI chose a different path. The company coordinated its actions in advance with U.S. federal agencies and opened GPT-5.5-Cyber only to verified users, thereby avoiding similar restrictions.
Technical Specifications and Performance
According to OpenAI, GPT-5.5-Cyber demonstrates impressive results on specialized benchmarks. On the CyberGym test, the model scored 85.6%, surpassing the standard GPT-5.5 (81.8%) and even Anthropic Mythos 5 (83.8%). On ExploitGym, the result was 39.5% compared to 25.95% for the regular version, and on SEC-bench Pro, it achieved 69.8% versus 63.1%.
However, the picture is not entirely clear-cut. The UK AI Security Institute conducted its own testing and found that GPT-5.5 completed a 32-step simulation of the corporate attack "The Last Ones" in 2 out of 10 attempts, while Mythos Preview succeeded in 3 out of 10. Later data from AISI showed that an updated version of Mythos Preview completed this scenario in 6 out of 10 attempts, while GPT-5.5 did so in 3 out of 10.
OpenAI emphasizes that Daybreak's goal is not just vulnerability detection but accelerating their remediation. Since March, the cloud-based Codex Security has scanned over 30 million commits across more than 30,000 codebases, with human reviewers marking over 70,000 findings as fixed.
Access Strategy and Partnerships
GPT-5.5-Cyber is available only to verified users with permissive model behavior in authorized scenarios. For most clients, OpenAI still recommends GPT-5.5 with Trusted Access for Cyber and Codex Security.
The company has also launched the Daybreak Cyber Partner Program, which includes giants such as Akamai, Check Point, Cisco, CrowdStrike, IBM, Palo Alto Networks, Proofpoint, SentinelOne, Wiz, Zscaler, and others. A separate initiative, Patch the Planet, created in collaboration with Trail of Bits and with participation from HackerOne, targets open-source projects. Among the first participants are cURL, Go, Python, Sigstore, and pyca/cryptography.
Analytical Commentary: The launch of GPT-5.5-Cyber is not just a technological breakthrough but a clear signal to the market of a paradigm shift. OpenAI demonstrates that it is possible to develop advanced AI capabilities in cybersecurity without clashing with regulators. This puts Anthropic at a disadvantage and may provoke a reassessment of approaches to export controls on AI models. In the coming months, we will likely see other players rushing to adapt their strategies to avoid losing their share in this rapidly growing market.