OpenAI just took its Daybreak cybersecurity initiative from preview to full deployment, and the scope of the expansion is hard to overstate. The company is releasing the full version of GPT-5.5-Cyber, a major update to the Codex Security plugin, a formal Cyber Partner Program with dozens of the world's largest security vendors, and a new open-source patching effort called Patch the Planet -- all at once.
The central argument driving all of it: AI has already solved the hard part of vulnerability discovery. The bottleneck has shifted. AI models can now navigate large codebases, reason through attack paths, validate hypotheses, and surface security issues that might otherwise stay hidden. The bottleneck is no longer finding vulnerabilities -- it is now patching them. Daybreak is OpenAI's bet that it can close that gap at machine speed.
A model built for the full remediation loop
GPT-5.5-Cyber sets new state-of-the-art performance on CyberGym, reaching 85.6% compared with 81.8% for GPT-5.5. CyberGym is a benchmark that measures whether an AI agent can reproduce known vulnerabilities in real software environments -- a proxy for how useful the model is in live defensive work. But OpenAI also ran it against two more demanding tests:
- ExploitGym (tests whether an agent can turn a known vulnerability into working exploit code): GPT-5.5-Cyber scored 39.5% vs. 25.95% for GPT-5.5
- SEC-bench Pro (long-horizon vulnerability discovery and proof-of-concept generation across complex targets): 69.8% vs. 63.1% for GPT-5.5
The model can sustain deeper analysis across large codebases: identifying security-relevant components, tracing whether vulnerable code is reachable, validating likely issues in controlled environments, developing and testing patches, and preparing evidence for human review. The goal is end-to-end remediation, not just a longer list of findings.
Access to GPT-5.5-Cyber is tiered and tightly controlled. OpenAI is rolling out Daybreak through three different access levels: GPT-5.5 for broader security assistance and general workflows; GPT-5.5 with Trusted Access for Cyber for defensive tasks like secure code review, malware analysis, and patch validation; and GPT-5.5-Cyber for specialized, authorized workflows including penetration testing, red teaming, and controlled validation exercises. Beginning June 1, 2026, Trusted Access for Cyber requires phishing-resistant authentication -- a hardware key or passkey.
Don't miss what's next in AI
Join 300,000+ engineers and researchers who get the signal, not the noise.
- Full access to in-depth AI research breakdowns
- Be the first to know what's trending before it hits mainstream
- Daily curated papers, repos, and industry moves