OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal

Days after Anthropic unveiled its Claude Mythos AI model, OpenAI introduced GPT-5.4-Cyber, a cybersecurity-focused model that will be offered to many defenders. OpenAI announced that it’s scaling its Trusted Access for Cyber program to thousands of verified defenders and hundreds of security teams. They will be given access to GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 that relaxes the usual guardrails for legitimate cybersecurity work.  GPT-5.4-Cyber also provides new capabilities such as binary reverse engineering, which enables users to analyze compiled executable software for vulnerabilities and malicious behavior. The new AI model is initially being offered on a limited, iterative basis to vetted security vendors, organizations, and researchers. Individual defenders who want to enroll into the Trusted Access for Cyber program and test GPT‑5.4‑Cyber can apply through chatgpt.com/cyber via an identity verification process, while enterprise teams must go through their OpenAI account representative.  The AI giant’s announcement centers on three guiding principles: democratized access (making tools widely available through objective verification rather than manual gatekeeping), iterative deployment (learning from real-world use and improving over time), and ecosystem resilience (supporting the broader defender community through grants, open source contributions, and tools like Codex Security). The announcement comes in the wake of Anthropic’s release of Claude Mythos, a new and powerful AI model allegedly capable of autonomously discovering thousands of zero-day vulnerabilities. This led Anthropic to withhold its public release and instead offer it only to a few dozen major organizations through a restricted program called Project Glasswing. Both Anthropic and OpenAI are prioritizing defensive use while managing dual-use risks, but the latter believes advanced defensive tools should reach as many legitimate defenders as possible. “We don’t think it’s practical or appropriate to centrally decide who gets to defend themselves. Instead, we aim to enable as many legitimate defenders as possible, with access grounded in verification, trust signals, and accountability,” OpenAI explained. The company has not shared information about the performance of its GPT-5.4-Cyber model, but said its Codex Security platform, which automatically scans codebases and proposes fixes, has already helped identify over 3,000 critical and high-severity vulnerabilities across the open source ecosystem. Related: Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments Related: ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks Related: ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs Exploited Vulnerability Exposes Nginx Servers to Hacking $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Adobe Patches 55 Vulnerabilities Across 11 Products Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members Nightclub Giant RCI Hospitality Reports Data Breach Booking.com Says Hackers Accessed User Information Latest News Data Breach at Tennessee Hospital Affects 337,000 Artemis Emerges From Stealth With $70 Million in Funding Splunk Enterprise Update Patches Code Execution Vulnerability Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software Cisco Patches Critical Vulnerabilities in Webex, ISE Ransomware Hits Automotive Data Expert Autovista Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments Trending Webinar: A Step-By-Step Approach To AI Governance April 28, 2026 With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move ThreatModeler has appointed Kevin Gallagher as Chief Executive Officer. Thomas Bain has been appointed Chief Marketing Officer at Silent Push. The United States Department of War appointed David Vaughn as Technical Advisor for Data Infrastructure. More People On The Move Expert Insights The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) The Next Cybersecurity Crisis Isn’t Breaches—It’s Data You Can’t Trust Data integrity shouldn’t be seen only through the prism of a technical concern but also as a leadership issue. (Steve Durbin) Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) Flipboard Reddit Whatsapp Email