OpenAI Expands Daybreak With GPT-5.5-Cyber and New Security Tools

OpenAI has unveiled a major expansion of its Daybreak cybersecurity initiative, introducing new AI-powered tools, partnerships, and programs aimed at helping security teams identify and remediate software vulnerabilities before attackers can exploit them.

The announcement builds on OpenAI’s growing focus on cybersecurity, a field where artificial intelligence has already accelerated vulnerability discovery. However, according to the company, finding flaws is no longer the primary challenge. The larger obstacle remains fixing them.

While AI can quickly uncover security weaknesses, development teams still face the time-consuming process of validating findings, assessing risk, developing patches, testing fixes, and deploying updates across production environments.

OpenAI Expands Codex Security Capabilities

As part of the Daybreak expansion, OpenAI highlighted the progress of Codex Security, its security-focused code analysis platform that first entered preview in March.

Since launch, Codex Security has reportedly scanned more than 30 million commits across over 30,000 codebases. According to OpenAI, human reviewers have marked more than 70,000 findings as fixed, while automated systems determined that over 500,000 additional findings had been resolved.

The company is now releasing an updated Codex Security plugin designed to support more of the vulnerability management lifecycle.

The new plugin can:

• Perform deep security scans
• Review recent code changes
• Generate detailed security reports
• Trace potential attack paths
• Validate findings from multiple sources
• Create codebase-specific patches for human review
• Triage bug bounty reports and security advisories
• Export results to vulnerability management platforms

OpenAI says the plugin can also process findings from external scanners, ticketing systems, bug bounty submissions, and security advisories, helping teams consolidate remediation workflows.

The platform integrates with existing security ecosystems through SARIF files, CodeQL queries, Codex CLI, and the Codex application.

GPT-5.5-Cyber Launches for Verified Defenders

Another major announcement is the limited release of GPT-5.5-Cyber, a specialized version of OpenAI’s latest model built specifically for cybersecurity professionals.

The model is being made available to verified defenders and security organizations through OpenAI’s Trusted Access for Cyber program.

According to OpenAI, GPT-5.5-Cyber achieved an 85.6% score on CyberGym, a cybersecurity evaluation benchmark. That compares with 81.8% for GPT-5.5 and 83.8% for Claude Mythos 5.

OpenAI says the model is optimized for security-focused tasks such as vulnerability analysis, attack path investigation, code review, remediation planning, and incident response workflows.

Daybreak Cyber Partner Program Brings Industry Support

OpenAI also announced the Daybreak Cyber Partner Program, which allows security vendors and service providers to integrate GPT-5.5-Cyber into commercial products and managed security services.

The goal is to give cybersecurity companies access to specialized AI capabilities while maintaining security-focused safeguards through Trusted Access for Cyber.

Initial partners include Accenture, Akamai, Cisco, Cloudflare, CrowdStrike, IBM, Palo Alto Networks, Proofpoint, SentinelOne, Wiz, Zscaler, and several other cybersecurity providers.

OpenAI said additional partners will join the program over time as the ecosystem expands.

Patch the Planet Targets Open-Source Security

Alongside the Daybreak announcements, OpenAI formally launched Patch the Planet, a collaborative effort focused on improving the security of critical open-source software projects.

OpenAI says the objective is to reduce the burden on maintainers by helping projects identify vulnerabilities, review findings, create patches, and improve long-term security workflows.

The Daybreak expansion signals OpenAI’s intention to become a larger player in defensive cybersecurity, combining AI-powered vulnerability discovery with remediation assistance, industry partnerships, and direct support for critical open-source infrastructure.