OpenAI ships full GPT-5.5-Cyber at 85.6% on CyberGym, launches Daybreak defender programs

OpenAI is pushing advanced cyber capabilities into defenders' hands as policymakers scrutinize how frontier models are evaluated and deployed. The updated GPT-5.5-Cyber performs deeper analysis across large codebases, identifies security-relevant components, validates likely vulnerabilities, and develops and tests software patches. On CyberGym—a benchmark measuring whether an AI agent can reproduce known software vulnerabilities in test environments—the new model scored 85.6%, up from 81.8% for GPT-5.5.

The model remains gated to vetted cybersecurity companies and researchers, reflecting the dual-use tension: getting powerful capabilities to legitimate defenders while limiting malicious use. Alongside it, OpenAI launched the Daybreak Cyber Partner Program, which lets participating security vendors use GPT-5.5 with Trusted Access for Cyber inside the products and services they sell to customers—previously, approved orgs mostly used the models on systems they owned or were authorized to test. OpenAI is also funding Patch the Planet, an initiative founded with Trail of Bits and built with HackerOne and Calif to help open-source maintainers manage and remediate vulnerabilities.

Sam Altman framed it as helping 'all companies be secure, working with the USG and the security ecosystem,' noting Patch The Planet and Codex Security aim to 'solve security problems instead of just finding them.' The timing is pointed: it lands while Anthropic remains in regulatory limbo over the Fable 5/Mythos jailbreak suspension, sharpening the contrast in how the two labs approach high-capability security models.

What to watch: community reaction was split—excitement over codebase-level vulnerability analysis for defenders, and unease over a 'more permissive' offensive-capable model gated only by vetting. The defender-vs-attacker balance, and how Daybreak partners handle the expanded access, will be the key test.