0
OpenAI expands access to cyber AI as hacking risks grow
April 14, 2026
Posted 3 hours ago by
OpenAI laid out a new plan on Tuesday to expand access to AI models with advanced cyber capabilities while implementing controls on who can use them.Why it matters: The roadmap coincides with the release of a new model variant, GPT-5.4-Cyber, designed to assist with defensive cybersecurity tasks and be more permissive for vetted users.Axios first reported on the new cybersecurity product.Between the lines: OpenAI is shifting its approach to cyber risk to focus less on restricting what models can do and more on verifying who gets access to the most sensitive capabilities.The company says it aims to make tools as widely available as possible while preventing misuse through identity verification and monitoring systems, according to a blog post.OpenAI plans to expand access to thousands of individuals and hundreds of security teams through its already-established Trusted Access for Cyber program, provided they complete verification checks.The intrigue: OpenAI's approach differs from Anthropic's more restrictive rollout, where only about 40 organizations are getting access to Mythos Preview.Anthropic warned that its model was so adept at its finding and exploiting security flaws that it was simply too dangerous to release widely.OpenAI is responding to similar security risks by trying to make its tools more widely available for defensive cyber work while still preventing nefarious actors from accessing them.
It's a difficult balance to strike.Zoom in: OpenAI is adding new tiers to its Trusted Access for Cyber program, which launched earlier this year, with higher levels of verification unlocking more powerful capabilities.Users approved for the highest tier will gain access to GPT-5.4-Cyber, which has fewer restrictions on sensitive cybersecurity tasks, such as vulnerability research and analysis.The model is designed to reduce unnecessary friction for legitimate security work, after some cyber partners said they ran into issues with earlier GPT models sometimes refusing to answer dual-use cyber queries. What they're saying: This is a team sport, we need to make sure that every single team is empowered to secure their systems, Fouad Matin, a cyber researcher at OpenAI, told reporters. No one should be in the business of picking winners and losers when it comes to cybersecurity.Yes, but: The rollout will be gradual. OpenAI says initial access to the more permissive model will be limited to vetted security vendors, organizations and researchers, but broader availability will scale over time.The company also expects onboarding to take time as it reviews and verifies users.The intrigue: OpenAI is not currently offering GPT-5.4-Cyber access to U.S. government agencies, but the company told reporters it is in ongoing discussions and will evaluate access through internal governance and safety review processes.Reality check: Some security experts argue that many vulnerabilities identified by AI tools are not necessarily novel or easily exploitable. However, the speed at which these models are finding security flaws — and their rapid pace of advancement — is worrying government officials and global business leaders. What to watch: Running models with these capabilities requires a lot of computing power. Not everyone will be willing to pay the price to run them on their environments. Go deeper: Funding cuts, political battles muddy Trump's response to Mythos
Axios
Coverage and analysis from United States of America. All insights are generated by our AI narrative analysis engine.