OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI

OpenAI has announced a limited preview of its new GPT-5.6 model lineup, introducing three tier-based systems named Sol, Terra, and Luna. Sol has been described by the AI giant as its most capable model for cybersecurity.  The initial launch follows a consultation process with the United States government, resulting in a restricted early rollout to a select group of trusted partners.  OpenAI indicated that this phased release is a temporary measure while the organization collaborates with the federal administration to develop a framework aligned with the recent Executive Order, which enables the government to assess the national security risks posed by advanced AI systems. The GPT update marks a shift in OpenAI’s branding strategy, where version numbers designate the model generation, while the names represent permanent capability tiers. GPT-5.6 Sol is the premier flagship model, designed for high-intensity reasoning tasks. GPT-5.6 Terra targets everyday workloads, with OpenAI reporting performance competitive with GPT-5.5 at half the operating cost. GPT-5.6 Luna is positioned as a fast alternative representing the lowest pricing point in the lineup. In cybersecurity tests on ExploitBench, Sol matched competing systems like Mythos Preview while using roughly a third of the output tokens. The company emphasized that Sol demonstrates a stronger affinity for defensive security tasks, such as vulnerability identification and patch development, rather than end-to-end cyberattacks. During evaluations on the Chromium and Firefox codebases, the system successfully isolated bugs and basic exploitation primitives but did not independently construct a working full-chain exploit.  To manage potential dual-use risks where defensive research closely mirrors offensive behavior, the GPT-5.6 series relies on a multi-layered security architecture. In addition to standard training-level refusals, the infrastructure employs automated real-time classifiers for biology and cybersecurity inputs. If an anomaly is flagged, output generation pauses while a secondary reasoning model reviews the context of the conversation.  Some instances may also trigger account-level evaluations to help distinguish legitimate security research from malicious behavior. OpenAI said it allocated over 700,000 A100-equivalent GPU hours toward automated red-teaming to harden the model against systemic vulnerabilities. This approach focused on discovering universal jailbreaks rather than single-prompt failures.  While the models are currently accessible only via the API and Codex to approved partners, OpenAI plans to expand general availability to ChatGPT, Codex, and broader API users in the coming weeks.  The company publicly pushed back against making government-mediated pre-clearance a long-term standard for AI deployments, arguing that prolonged restrictions delay essential defensive tools from reaching the broader cybersecurity community. Related: Anthropic Launches Claude Fable 5: Mythos-Class AI With Cybersecurity Guardrails Related: Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation Related: New Enterprise-Ready MCP Specification Brings New Security Challenges WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild Cal Water Says No OT Systems Breached in Iranian Handala Cyberattack Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning Cisco SD-WAN Zero-Day Exploited Months Before Patching Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware macOS Weaknesses Chained to Silently Disable Endpoint Security Agents Third DraftKings Hacker Sentenced to 18 Months in Prison Hackers Exploiting Cisco Unified CM Vulnerability Latest News Chinese Framework Powers 200,000 Scam Sites Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories More Klue Breach Victims Identified as Hackers Get Hacked In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs Nebulock Raises $25 Million for AI-Native Contextual Security Linux Foundation Unveils New Open Source Security Project Akrites $3 Million Reportedly Stolen in Polymarket Hack Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets Trending Webinar: Why Email Security Keeps Failing (And What Has To Change) July 8, 2026 Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more. Register Virtual Event: 2026 Cloud Security Summit July 16, 2026 This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments. Register People on the Move Mark Carter has been appointed Chief Information Security Officer at Socure. Spektrum Labs has named Mark Cravotta Chief Operating Officer. Philip Martin has joined Uber as Chief Information Security Officer. More People On The Move Expert Insights When Information Becomes The Attack Surface – Understanding AI Agent Traps From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI. (Etay Maor) What The Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told The Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) Flipboard Reddit Whatsapp Email