OpenAI · 2026-05-07 · major
OpenAI GPT-5.5-Cyber — Security-Tuned Model in Limited Preview for Vetted Defenders
OpenAI rolls out a security-tuned GPT-5.5 variant gated by a Trusted Access for Cyber program. Lower classifier refusals for authorized red-team, vulnerability triage, malware analysis, and detection-engineering work.
OpenAI ships GPT-5.5-Cyber: a security-tuned preview model gated behind a Trusted Access program for verified defenders.
What is it?
GPT-5.5-Cyber is a tuned variant of GPT-5.5 with lower classifier-based refusals on cybersecurity-specific workflows. Access is limited to organizations vetted through OpenAI's new Trusted Access for Cyber program, with an initial focus on critical-infrastructure defenders. The base GPT-5.5 also got increased cyber safeguards in this same launch.
How does it work?
Approved partners route requests through accounts flagged for Trusted Access. The classifier permits authorized work — vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering, patch validation, and red teaming — while still blocking categories OpenAI considers unsafe such as credential theft and writing malware. The UK AI Security Institute rated GPT-5.5 at parity with Anthropic's Mythos on its cyber tasks, completing a 32-step corporate-network simulation in 2 of 10 attempts versus Mythos's 3 of 10.
Why does it matter?
Standard frontier models refuse much of the day-to-day work of a real red team — even on systems the operator owns. A vetted-only tier lets defenders pull GPT-5.5-class capability into pen-test, detection-engineering, and incident-response loops without prompt-engineering tricks. It also marks a more permissive stance than Anthropic's Mythos, which keeps cyber capability behind tighter rails.
Who is it for?
Verified internal security teams, MSSPs, and critical-infrastructure defenders
Try it
Apply via OpenAI Trusted Access for Cyber