Daybreak: Tools for securing every organization in the world

OpenAI Blog · 2026-06-22

OpenAI expands its Daybreak cybersecurity initiative by launching GPT-5.5-Cyber with state-of-the-art CyberGym scores, an updated Codex Security plugin, and a new Cyber Partner Program, arguing AI has shifted the security bottleneck from finding vulnerabilities to patching them.

Open original ↗

Appears in

AI as Attack Tool and Attack Target: May 2026 Cybersecurity Moment

Extraction

Topics: ai-cybersecurityopenai-daybreakgpt-5.5-cybercodex-securityai-policy

Claims

GPT-5.5-Cyber achieves 85.6% on CyberGym, the highest single-model score measured, and outperforms GPT-5.5 on ExploitGym (39.5% vs 25.95%) and SEC-bench Pro (69.8% vs 63.1%).
AI has shifted the cybersecurity bottleneck: finding vulnerabilities is no longer the hard part—patching them at the pace of AI-accelerated discovery is now the primary challenge.
Codex Security has scanned over 30 million commits across more than 30,000 codebases since March, with over 70,000 findings manually marked as fixed.
OpenAI has established Trusted Access for Cyber partnerships with Australia, Canada, France, Germany, Japan, South Korea, and EU institutions including ENISA.
GPT-5.5-Cyber is intended only for verified defenders with authorized workflows, paired with stronger verification, monitoring, and scoped controls beyond what standard Trusted Access for Cyber provides.

Key quotes

AI has changed the physics of cybersecurity. Frontier AI models have been increasingly accelerating vulnerability discovery. The bottleneck historically has been finding vulnerabilities, but now defenders are overwhelmed with the number of vulnerabilities found. Instead, the bottleneck is now patching vulnerabilities.

Frontier defensive capabilities should not be concentrated in the hands of a few. Software touches all aspects of life, from critical infrastructure to business applications and government networks.

This is the scale at which patching must now happen.