OpenAI Opens GPT-5.5-Cyber to Vetted Defenders, Loosens Guardrails for Red Teams
Products·2 min read·Help Net Security

A bespoke build of GPT-5.5 with relaxed restrictions on offensive-security tasks is rolling out in limited preview to thousands of verified cybersecurity professionals, OpenAI's answer to Anthropic's Mythos cyber preview from a month earlier.

OpenAI on Thursday began rolling out GPT-5.5-Cyber, a tuned variant of its flagship model that removes some of the standard safety refusals around offensive-security work, to defenders enrolled in the company's Trusted Access for Cyber program. The release lands roughly two weeks after GPT-5.5 itself shipped and a month after Anthropic gave a cybersecurity-focused preview of Claude Mythos to a similar group of vetted partners.

The model is being positioned squarely at the blue team. According to OpenAI, GPT-5.5-Cyber is "primarily trained to be more permissive on security-related tasks" — vulnerability hunting, malware reverse engineering, automated red-teaming, and validation of high-severity findings — while keeping hard blocks on credential theft, weaponized malware authoring, and other categories that map cleanly to real-world harm. During alpha testing the model was already being used to scale red-team exercises against critical infrastructure and to triage CVE-class bugs that would have taken human teams days.

Access is gated behind a tiered verification process. OpenAI says its Trusted Access for Cyber program has scaled to "thousands of verified defenders and hundreds of teams," with the highest tier — which gets the loosest guardrails — reserved for organizations that can prove they are securing critical systems. The company is leaning on account-level controls and stronger identity checks rather than a single global policy, an architecture that lets it dial restrictions up and down per partner without forking the model further.

The timing is not subtle. Anthropic's Mythos cyber preview in early April was widely read as a shot across OpenAI's bow, particularly after a string of Pentagon and FIS deals showcased Claude inside government and financial-crime workflows. CEO Sam Altman framed Thursday's move in defensive-ecosystem terms — "we'd like to help companies secure themselves, and we think it's important to start work on this quickly" — but the underlying competitive logic is that whichever lab embeds itself fastest with security operations centers gets the long tail of agentic-defense revenue.

The release will reignite a familiar argument about whether loosened safety guardrails for trusted users meaningfully reduce the misuse surface, especially as the same capabilities show up in open-weights Chinese models. OpenAI promised future technical documentation and stricter responsible-disclosure guarantees, but for now the rollout is a contained experiment: a more capable cyber assistant for defenders who can prove they are who they say they are, behind an access wall the company is choosing to build itself rather than wait for regulators to draw.
