
OpenAI expands cybersecurity program with GPT-5.4-Cyber model

By Kirsten Doyle | April 16, 2026 | 8 Mins Read

OpenAI will be expanding its cybersecurity efforts by increasing the number of verified defenders served by its Trusted Access for Cyber (TAC) program into the thousands, with hundreds more security teams to follow.  

This move aims to address the challenge of defenders and attackers increasingly using AI, which is accelerating the pace and complexity of cyber threats.

At the heart of the release is the launch of GPT-5.4-Cyber, a variation of the existing model that has been tailored explicitly for use in defensive cybersecurity contexts.

The model is designed to be ‘cyber-permissive’ in that it allows users to conduct vulnerability assessments and perform binary reverse engineering to understand vulnerabilities in software without access to its source code.

It is intended for use in a restricted fashion by select individuals and firms. 

This effort aligns with OpenAI’s overarching cybersecurity approach, which comprises three basic tenets: democratization of defense mechanisms, deployment through iterations for greater safety and efficiency, and enhanced cybersecurity across the ecosystem. It was noted that cyber threats are increasing in pace, and defenses need to keep up with advancements in AI. 

OpenAI pointed out that cyber capabilities are dual-use, and that the risks associated with such capabilities depend both on the type of capability and on who uses it and how.

The TAC system is designed to implement different levels of access based on identity checks and trust signals. 

OpenAI also mentioned future developments, stating that its security measures would be developed concurrently with model development. OpenAI is confident in its methods, as they can ensure widespread use of AI technology while providing high levels of protection, though it admits stronger protection will be needed in the future.

Scaling trusted access for cyber defense 

Marcus Fowler, CEO of Darktrace Federal, said: “OpenAI’s latest work on scaling trusted access for cyber defense, including GPT-5.4-Cyber, is a positive step. Lowering barriers for legitimate security work and enabling more advanced defensive workflows helps put stronger capabilities in the hands of defenders. Expanding access to these kinds of tools, in a controlled way, can help organizations more quickly and effectively identify risk.” 

However, Fowler added that it’s important to keep developments like these in perspective. “Some of the greatest challenges in cybersecurity today are not the identification or analysis of weak code. Most organizations are still constrained by the realities of remediation once an issue is discovered: patch development, testing, deployment, uptime requirements, and resource limitations. Faster or deeper analysis does not automatically translate to faster or more effective risk reduction. The gap between discovery and remediation continues to widen, and organizations are defending against far more than just software vulnerabilities, including identity compromise, misconfigurations, insider threats, and misuse of AI itself.” 

So, while these kinds of capabilities are a step forward, it remains to be seen how much they will fundamentally change the cybersecurity market, he explained. “What is less likely to change is the need for strong cybersecurity hygiene and best practices within the network itself, like Zero Trust, and the need for strong detection, visibility, continuous monitoring, and the ability to respond and contain both known and unknown threats at speed.” 

AI cybersecurity is here to stay 

Tim Mackey, Head of Software Supply Chain Risk Strategy at Black Duck, said that as each new cybersecurity-focused AI model becomes available, there is one important item for teams to remember.

“Finding bugs is very different from fixing bugs. And while it’s great to hear that these cybersecurity models are being provided to select researchers to evaluate, unless those select teams work for your company, you’re at the mercy of any tuning performed based on their feedback. One thing is clear, AI cybersecurity is here to stay and will only become more powerful. Security leaders in organizations of all sizes need to take the Anthropic and OpenAI advancements as a call to action focused on where and how AI enabled cybersecurity will benefit their operations and scale to deal with AI enabled adversaries.” 

The race is real, and it matters 

The race between OpenAI and Anthropic to arm defenders is real, and it matters, added Trey Ford, Chief Strategy and Trust Officer at Bugcrowd. “The bottleneck was never the AI model, it’s the program architecture that decides which findings get verified, which get triaged, and which actually get fixed before an attacker reverse-engineers the same patch.” 

Ford said two frontier models competing on access philosophy doesn’t solve a key problem: the human coordination layer that gives AI-discovered vulnerabilities a path to remediation. What OpenAI’s TAC expansion and Anthropic’s Glasswing both tell us is that AI-discovered vulnerabilities are outpacing the coordinated infrastructure built to remediate them.  

“The next generation of security programs won’t be judged on which AI model they use to find vulnerabilities, they’ll be judged on whether they built the program architecture, researcher coordination, and triage capacity to close the gap between machine-speed discovery and human-speed remediation. That’s where the real competitive advantage in cyber defense gets built.” 

He added that the OpenAI vs. Anthropic access debate is the wrong conversation for security leaders this week. “Access philosophy (democratic scale versus controlled rollout) doesn’t change the structural reality. The time to exploit is now measured in hours. The CVE system wasn’t built for AI-discovery rates, attackers don’t need Mythos to find what Glasswing couldn’t patch. The question every CISO should be asking isn’t which model they can access, it’s whether their program was designed to act on what those models find.” 

Frontier AI permanently belongs in the security stack 

Ram Varadarajan, CEO at Acalvio, said the convergence of Anthropic’s Mythos (with depth, ~40 organizations) and OpenAI’s GPT-5.4-Cyber (with breadth, thousands of defenders) is marking a new industry consensus that frontier AI permanently belongs in the security stack. “But we should note that both bets are placed squarely in the ‘better offense/defense AI’ lane, leaving the harder architectural question unaddressed.”

Varadarajan added that OpenAI’s TAC identity-gating is revealing because capability restrictions may be an incomplete control surface.  “It’s a reasonable position certainly, but it collapses entirely when the attacker is an agentic AI operating with authenticated credentials inside the perimeter, where identity is neither suspicious nor verifiable. The industry is converging on knowing who’s in the environment.  This is important, but the more durable question is whether the *environment itself* can be made to betray what an attacker, human or AI, actually does when no one’s watching.” 

That question, environment as detection surface, may be the one that frontier model vendors are structurally unable to answer, he explained. 

A more conservative, tool‑centric risk posture 

Ronald Lewis, Head of Cybersecurity Governance at Black Duck, said there is a notable divergence in how OpenAI and Anthropic have approached the release of AI models with cybersecurity‑relevant capabilities.  

“OpenAI has largely followed a traditional security‑tool release pattern, where potentially dangerous capabilities are restricted to trusted operators. Access to its cyber‑focused model (GPT‑5.4 for Cyber) is gated through the Trusted Access for Cyber (TAC) program, which emphasizes vetting, use‑case justification, and ongoing oversight, and is designed to limit both who can access the model and how it may be used.” 

Importantly, Lewis explained that OpenAI’s models underpin a broad ecosystem of third‑party security products, many of which are already deployed in sensitive environments. “This includes a growing litany of tools across vulnerability management, threat intelligence, incident response, and digital forensics, where AI is used to accelerate analysis rather than execute actions. In this sense, OpenAI’s TAC approach mirrors how advanced forensic platforms have historically been released—restricted to validated professionals, governed by contractual controls, and designed to augment expert judgment rather than replace it.” 

Anthropic, by contrast, released Mythos in a way that appeared comparatively unconstrained when viewed through the lens of how sensitive security tools (such as forensic analysis software) have traditionally been distributed. “Rather than heavily limiting access, Anthropic’s approach places greater emphasis on model alignment and internal self‑restraint, aiming to limit what the model will choose to do rather than who is allowed to use it. This represents a deliberate departure from the conventional “dangerous tool → trusted operator” paradigm.” 

Lewis said that while Anthropic’s release strategy drew heightened scrutiny, particularly from policymakers and parts of the security community, it also reflects a different theory of risk management: that sufficiently aligned models, combined with institutional governance and partnerships such as Project Glasswing, can enable broad, high‑capability use without strict individual‑level access controls.

“In stark contrast, OpenAI’s TAC framework reflects a more conservative, tool‑centric risk posture. It treats advanced cyber capabilities as regulated instruments, suitable for controlled deployment within professional workflows, much like forensic and investigative tooling, rather than as broadly accessible general‑purpose systems. The two approaches highlight a fundamental philosophical split: OpenAI prioritizes access restriction and operational oversight, while Anthropic prioritizes alignment, institutional trust, and capability preservation.” 

Kirsten Doyle
Information Security Buzz News Editor

Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.


The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
