OpenAI Codex Enterprise Push: Mobile Launch, Windows Sandbox, and Customer Stories · history
Version 4
2026-05-23 02:38 UTC · 220 items
What
OpenAI's enterprise Codex campaign reached two opposing milestones simultaneously. Gartner named OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents [7][8][9], providing the first independent analyst recognition to appear in the public record and addressing a persistent gap in third-party validation. At the same time, CVE-2025-59532 confirmed a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user documented building their own sandbox after Codex deleted files on their machine [11] — converting theoretical security fears into documented incidents. GitHub formalized the multi-vendor pattern by officially launching Claude and Codex as selectable agents in its Agent HQ platform in public preview [15][16], and Microsoft added Codex to Azure OpenAI in Microsoft Foundry Models [18], expanding enterprise distribution beyond the Dell on-premises partnership.
Why it matters
The Gartner designation clears the most common enterprise procurement hurdle — analyst firm validation — while the CVE simultaneously raises the risk profile for security-conscious adopters. Together they illustrate a pattern common to enterprise platform races: credibility signals and security incidents arriving at the same time. The GitHub Agent HQ and Azure Foundry integrations cement Codex as a commodity component within larger platforms, which expands reach at the cost of differentiation and strengthens the substitutability narrative that undercuts OpenAI's lock-in strategy.
Open questions
CVE-2025-59532 confirmed a sandbox bypass RCE in the Codex CLI [10][14] — has OpenAI issued a patch, and does the vulnerability scope extend to the Windows sandbox or only to CLI/Linux deployments?
Gartner named OpenAI a Leader in enterprise coding agents [8][9], but the report criteria are not public — how does Codex compare to GitHub Copilot, Cursor, and Claude Code in the evaluation, and does the designation cover the CLI, the web app, or both?
Microsoft published Azure/Foundry documentation for Codex [18] as a path distinct from the Dell on-premises partnership [5] — do the two channels offer equivalent agentic capabilities, or does Azure impose constraints on multi-step autonomous tasks?
A community user documented building their own sandbox after Codex deleted files on their machine [11] — does OpenAI publish incident response guidance or rollback procedures for agentic file-system operations that cause unintended damage?
Narrative
OpenAI's push to establish Codex as the dominant enterprise coding platform across April–May 2026 combines user-growth metrics, sector-spanning customer stories, GSI and hardware partnerships, and platform expansion across devices and operating systems. An April 21 blog post reported Codex weekly active developers growing from 3 million to over 4 million in roughly two weeks [1], simultaneously announcing Codex Labs and partnerships with seven global systems integrators — Accenture, Capgemini, CGI, Cognizant, Infosys, PwC, and TCS [1]. Named customer deployments span NVIDIA (production software delivery and research acceleration with Codex and GPT-5.5) [2], AutoScout24 (faster engineering cycles) [3], Sea Limited (AI-native development) [4], and a second wave covering Virgin Atlantic, Ramp, Notion, Cisco, and Rakuten across test coverage, code review, incident response, and repository reasoning [1]. A Dell Technologies partnership announced May 18 addressed the most common enterprise security objection by enabling on-premises and hybrid deployment, while also extending Codex's framing beyond coding into report preparation, lead qualification, and cross-system workflow coordination [5][6].
Two late-May developments altered the evidence landscape in opposing directions. Gartner named OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents [7][8][9] — the first independent analyst validation to appear in the public record, addressing a prior gap where all substantive performance and adoption claims originated from OpenAI's own blog or co-published customer materials. On the security side, CVE-2025-59532 documented a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user published an account of building their own sandbox after Codex deleted files on their machine [11] — incidents that give concrete specificity to concerns previously articulated only as theoretical fears [12]. OpenAI separately launched Codex Security as a research preview [13], and Cymulate published mitigations for the RCE and prompt injection attack vectors [14], indicating that the security surface is receiving attention from both OpenAI and third-party researchers, though the patch status for CVE-2025-59532 has not been publicly confirmed.
Distribution expanded on two additional fronts beyond Dell. GitHub formally launched Claude and Codex as selectable agents in its Agent HQ platform in public preview [15][16], providing official VS Code integration documentation [17] for what had previously been visible only in community experimentation. Microsoft published Azure OpenAI documentation for Codex within Microsoft Foundry Models [18], adding a cloud-sovereign enterprise deployment path. Infosys issued a formal press release on its strategic collaboration with OpenAI [19][20], but CRN India captured the headline 'Infosys goes model-agnostic as OpenAI builds' [21] — a stance that treats Codex as one tool within a multi-vendor portfolio rather than a committed platform choice. UiPath's platform and GitHub's Agent HQ both formalize this pattern by treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components [22][23][15], expanding Codex's reach while simultaneously framing it as a commodity. A new $100/month Pro tier [24] and a 2-month free enterprise trial [25] complete a picture in which pricing, availability, and partnerships are shifting simultaneously across a competitive market where Anthropic and OpenAI ran simultaneous dueling enterprise promotions on the same day [26].
Timeline
- 2026-04-21: OpenAI publishes 'Scaling Codex to enterprises worldwide,' reporting 4M+ weekly active developers, announcing Codex Labs, and naming seven GSI partners: Accenture, Capgemini, CGI, Cognizant, Infosys, PwC, and TCS [1]
- 2026-04-29: Business and Enterprise Codex plans switch to Fast Mode as default, providing 2.5x usage allocation [59]
- 2026-05-12: OpenAI publishes NVIDIA and AutoScout24 enterprise case studies alongside a finance-team Codex tutorial [2][3][27]
- 2026-05-13: OpenAI opens a 2-month free Codex Enterprise trial for new business sign-ups [25]
- 2026-05-14: Codex launches in ChatGPT mobile app on iOS and Android in preview across all plans; Sea Limited case study published [28][4][60][61]
- 2026-05-15: OpenAI publishes engineering retrospective on the Windows sandbox, detailing rejected primitives and the final composed security architecture [29]
- 2026-05-16: Codex Windows app launches in Microsoft Store; community user later reports building their own sandbox after Codex wiped files on their machine [62][63][11][64][65]
- 2026-05-18: OpenAI and Dell Technologies announce partnership to deploy Codex in hybrid and on-premises enterprise environments; announcement explicitly extends Codex scope to knowledge work including report preparation and lead qualification [5][32][33][6][34][35]
- 2026-05-20: UiPath launches enterprise platform treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components; Infosys issues formal press release on strategic collaboration with OpenAI while publicly positioning as model-agnostic [22][42][23][19][20][21]
- 2026-05-21: GitHub officially launches Claude and Codex as selectable agents in Agent HQ platform in public preview with VS Code integration; Codex CLI 0.133.0 released; GPT-5.3-Codex reported as new base model for Copilot Business and Enterprise plans [15][16][36][17][38][66][67][68]
- 2026-05-22: Gartner names OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents; CVE-2025-59532 (Codex CLI sandbox bypass RCE) disclosed publicly; Microsoft publishes Azure OpenAI/Foundry documentation for Codex; new $100/month Pro tier announced [7][8][9][10][14][18][24]
- 2026-05-23: OpenAI Codex Security research preview announced; Cymulate publishes mitigations for Codex CLI RCE and prompt injection vectors [13][14][48]
Perspectives
OpenAI (product and marketing)
Positions Codex as a production-ready, cross-platform, enterprise-grade platform with broad industry adoption, rapid user growth, expanding GSI and hardware partnerships, and — in the Dell announcement — an explicit ambition to serve knowledge work beyond software development. The Gartner Leader designation provides external validation for this positioning.
Evolution: Scope expanded: Dell announcement frames Codex as a knowledge-work platform [5]; Gartner validation now in public record [8]; Codex Security research preview [13] signals proactive attention to the security surface
OpenAI (engineering, Windows sandbox)
Candid about the difficulty of sandboxing an agentic workflow on Windows, openly acknowledging dead ends and explicit security-versus-usability tradeoffs in the final composed design
Evolution: Consistent in register; CVE-2025-59532 [10] and community file-deletion reports [11] now test the credibility of engineering-blog assurances post-hoc
Dell Technologies
Infrastructure partner enabling on-premises and hybrid Codex deployment, framing the arrangement as bringing AI coding agents into governed enterprise environments with data-residency controls and integration with the Dell AI Factory
Evolution: Consistent
GitHub / Microsoft
GitHub formally launched Claude and Codex as selectable agents in Agent HQ in public preview with official VS Code integration documentation; Microsoft separately published Azure OpenAI/Foundry documentation for Codex, positioning it as a cloud-sovereign enterprise deployment option
Evolution: GitHub moves from community-experimentation context to an official product voice; Microsoft/Azure represents a new distribution channel not previously documented [18]
Infosys
Official Codex GSI partner that simultaneously positions itself as model-agnostic, treating Codex as one tool within a multi-vendor AI portfolio rather than a committed platform choice
Evolution: Formal press release now documents the collaboration publicly [19][20], making the model-agnostic stance simultaneously more official and more precisely framed; CRN India captured it as 'Infosys goes model-agnostic as OpenAI builds' [21]
UiPath
Launched a multi-vendor enterprise platform treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components within a broader enterprise integration layer
Evolution: Consistent
Gartner
Named OpenAI a Leader in the 2026 Magic Quadrant for enterprise coding agents, providing the first independent analyst validation in the public record for Codex's enterprise positioning
Evolution: New voice; addresses the prior absence of third-party validation
Security researchers (Miggo, Cymulate)
Disclosed CVE-2025-59532, a sandbox bypass enabling remote code execution in the Codex CLI; Cymulate published mitigations for RCE and prompt injection attack vectors; additional researchers documented Windows sandbox hardening gaps
Evolution: New voice; introduces concrete, numbered vulnerability evidence into a conversation that had been limited to community speculation
NVIDIA
Active adopter using Codex alongside GPT-5.5 for both production software delivery and research acceleration
Evolution: Consistent; no new disclosures
Competitive observers and enterprise developer community
Frame OpenAI's free trial as a targeted competitive move against Anthropic; report concrete file-system damage from Codex agentic operations; document multi-agent orchestration treating Codex and Claude Code as interchangeable; note transparency gaps around Windows and EU/UK feature rollout timelines
Evolution: Community documentation of concrete harm — file deletion [11] — elevates sandbox risk discourse from theoretical to empirical; GitHub Agent HQ is now an official product path rather than a community workaround [15]
Tensions
- OpenAI's engineering post claims a carefully composed, multi-layer Windows sandbox architecture designed to withstand bypass attempts [29], but CVE-2025-59532 confirmed a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user built their own sandbox after Codex deleted files on their machine [11] — demonstrating that engineering-blog assurances and documented vulnerabilities now coexist in the public record without reconciliation. [29][11][10][14][50][51]
- OpenAI markets Codex as a uniquely positioned, purpose-built enterprise coding platform, but Infosys — one of its seven named GSI partners — publicly positions itself as model-agnostic [42][21], UiPath bundles Codex alongside Claude Code and GitHub Copilot as interchangeable components [22][23], and GitHub's Agent HQ formally treats Claude and Codex as equivalent selectable agents [15][16] — contradicting the differentiation narrative while simultaneously expanding distribution reach. [22][42][23][21][15][16][1]
- The Gartner Magic Quadrant Leader designation [8][9] partially addresses the prior absence of independent validation, but all named enterprise customer performance claims — faster cycles at AutoScout24, production shipping at NVIDIA, AI-native development at Sea Limited — still originate from OpenAI's own blog or co-published materials [1][2][3][4], and the simultaneous free trial offer [25] and dueling promotions [53][26] suggest OpenAI is still competing for market position rather than reporting from a settled installed base. [8][9][1][2][3][4][53][26][25]
- OpenAI frames Codex as a coding agent being extended into knowledge work including report preparation and lead qualification [5], but UiPath — whose core business is enterprise automation — absorbs Codex as one component within its own orchestration layer [44][45], and GitHub integrates it as one agent among peers in Agent HQ [15] — raising whether Codex is expanding into their territory or being subsumed by it. [5][44][45][15]
Sources
- [1] Scaling Codex to enterprises worldwide — OpenAI Blog (2026-04-21)
- [2] How NVIDIA engineers and researchers build with Codex — OpenAI Blog (2026-05-12)
- [3] AutoScout24 scales engineering with AI-powered workflows — OpenAI Blog (2026-05-12)
- [4] Sea's View on the Future of Agentic Software Development with Codex — OpenAI Blog (2026-05-14)
- [5] OpenAI and Dell partner to bring Codex to hybrid and on-premise enterprise environments — OpenAI Blog (2026-05-18)
- [6] OpenAI + Dell just brought Codex into enterprise infrastructure. On-premises. No cloud required. — reactive:openai-codex-enterprise-rollout (2026-05-19)
- [7] Codex、Gartnerの企業向けAIコーディングLeaderに選出 💻🤖 — reactive:openai-codex-enterprise-rollout (2026-05-23)
- [8] 🎯 CONFIRMED: OpenAI named a Leader in Gartner’s 2026 Magic Quadrant for enterprise coding agents — Codex is now enterpri... — reactive:openai-codex-enterprise-rollout (2026-05-22)
- [9] BREAKING: OpenAI named a leader in enterprise coding agents by Gartner. Codex is officially setting the standard for lar... — reactive:openai-codex-enterprise-rollout (2026-05-22)
- [10] CVE-2025-59532: Codex CLI Sandbox Bypass RCE | Miggo — reactive:openai-codex-enterprise-rollout
- [11] Built a Windows sandbox after Codex wiped files on my machine — reactive:openai-codex-enterprise-rollout
- [12] @thsottiaux Still terrified of possibility that Codex/Windows can do something outside of self-configured sandbox. Pleas... — reactive:openai-codex-enterprise-rollout (2026-05-18)
- [13] Codex Security: now in research preview - OpenAI — reactive:openai-codex-enterprise-rollout
- [14] Codex CLI RCE & Prompt Injection Mitigations — reactive:openai-codex-enterprise-rollout
- [15] Pick your agent: Use Claude and Codex on Agent HQ — reactive:openai-codex-enterprise-rollout
- [16] Claude and Codex are now available in public preview on GitHub — reactive:openai-codex-enterprise-rollout
- [17] Third-party agents in Visual Studio Code — reactive:openai-codex-enterprise-rollout
- [18] Codex with Azure OpenAI in Microsoft Foundry Models — reactive:openai-codex-enterprise-rollout
- [19] Infosys Announces Strategic Collaboration with OpenAI to Accelerate Enterprise AI Transformation and Unlock AI Value at Scale — reactive:openai-codex-enterprise-rollout
- [20] Infosys Announces Strategic Collaboration with OpenAI to Accelerate Enterprise AI Transformation and Unlock AI Value at Scale — reactive:openai-codex-enterprise-rollout
- [21] Infosys Partners with OpenAI on Codex | CRN India posted on the ... — reactive:openai-codex-enterprise-rollout
- [22] UiPath Launches Enterprise Platform for Claude Code, OpenAI Codex, Copilot, and More - https://t.co/BKLcG2k1oK @UiPath @... — reactive:openai-codex-enterprise-rollout (2026-05-20)
- [23] UiPath opens its platform to every coding agent - here's why Claude Code and Codex go first — reactive:openai-codex-enterprise-rollout
- [24] Introducing New $100/month Pro Tier - Announcements - OpenAI Developer Community — reactive:openai-codex-enterprise-rollout
- [25] Get 2 months of Codex for your enterprise, free — reactive:openai-codex-enterprise-rollout (2026-05-13)
- [26] OpenAI and Anthropic spent Wednesday lobbing dueling promos at enterprise developers, treating AI coding tools as the ne... — reactive:openai-codex-enterprise-rollout (2026-05-16)
- [27] How finance teams use Codex — OpenAI Blog (2026-05-12)
- [28] Work with Codex from anywhere — OpenAI Blog (2026-05-14)
- [29] Building a safe, effective sandbox to enable Codex on Windows — OpenAI Blog (2026-05-15)
- [30] Sandbox – Codex | OpenAI Developers — reactive:openai-codex-enterprise-rollout
- [31] How we built the Codex sandbox for Windows: — reactive:openai-codex-enterprise-rollout
- [32] OpenAI and Dell Technologies partner to bring Codex to hybrid and on-premises enterprise environments | OpenAI https://t... — reactive:openai-codex-enterprise-rollout (2026-05-20)
- [33] OpenAI and Dell Collaborate to Deploy Codex in Hybrid and On-Premise Enterprise Settings — reactive:openai-codex-enterprise-rollout (2026-05-20)
- [34] OpenAI and Dell just announced a partnership to bring Codex into hybrid and on-premises enterprise environments. — reactive:openai-codex-enterprise-rollout (2026-05-19)
- [35] OpenAI and Dell are moving Codex toward governed enterprise infrastructure: hybrid/on-prem data, systems of record, and ... — reactive:openai-codex-enterprise-rollout (2026-05-18)
- [36] GitHub brings Claude and Codex agents directly into Copilot - Tessl — reactive:openai-codex-enterprise-rollout
- [37] How GitHub Copilot Agent HQ is Transforming Development ... — reactive:openai-codex-enterprise-rollout
- [38] GitHub Copilot · Agents on GitHub — reactive:openai-codex-enterprise-rollout
- [39] GitHub Agent HQ: Multi-Agent Platform Guide 2025 - Digital Applied — reactive:openai-codex-enterprise-rollout
- [40] Infosys, OpenAI partner on enterprise AI coding | INFY Stock News — reactive:openai-codex-enterprise-rollout
- [41] OpenAI and Infosys expand Codex partnership for enterprise rollout — reactive:openai-codex-enterprise-rollout
- [42] Infosys goes model-agnostic as OpenAI builds GSI network to scale ... — reactive:openai-codex-enterprise-rollout
- [43] UiPath for Coding Agents Released | DEVOPSdigest — reactive:openai-codex-enterprise-rollout
- [44] From AI speed to enterprise reliability: introducing UiPath for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
- [45] Unlocking Enterprise Transformation at Scale With UiPath for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
- [46] Quickstart: Coding agents with UiPath Skills - Vote on Tutorials - UiPath Community Forum — reactive:openai-codex-enterprise-rollout
- [47] Enterprise Automation Platform for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
- [48] A recently disclosed vulnerability in OpenAI Codex shows how AI ... — reactive:openai-codex-enterprise-rollout
- [49] Codex Security | OpenAI Help Center — reactive:openai-codex-enterprise-rollout
- [50] Codex Sandbox: How Windows Security Failed the AI Agent Test And Linux Didn't — reactive:openai-codex-enterprise-rollout
- [51] Windows sandbox hardening · Issue #23912 · openai/codex - GitHub — reactive:openai-codex-enterprise-rollout
- [52] Everyone is finding vulns. The hard part is proving them. — ProjectDiscovery Blog — reactive:openai-codex-enterprise-rollout
- [53] Codex offers free 2 month subscription to enterprise to shift claude customer base to openai — reactive:openai-codex-enterprise-rollout (2026-05-16)
- [54] New Windows update messed up Codex sandbox on windows. It won’t ever go away when clicking setup. It says successful the... — reactive:openai-codex-enterprise-rollout (2026-05-17)
- [55] I built an orchstrator that manages 30 agent (Claude Code, Codex ... — reactive:openai-codex-enterprise-rollout
- [56] Claude & Codex Agents in GitHub Copilot| Agent HQ in Action — reactive:openai-codex-enterprise-rollout
- [57] Use Claude and Codex on Agent HQ. (Github & Github Copilot) — reactive:openai-codex-enterprise-rollout
- [58] @jxnlco Honestly - transparency with timelines for Windows and EU/UK feature roll outs. — reactive:openai-codex-enterprise-rollout (2026-05-22)
- [59] Business and Enterprise Codex plans now default to Fast Mode (2.5x usage) — reactive:openai-codex-enterprise-rollout (2026-04-29)
- [60] OpenAI says Codex is coming to your phone - TechCrunch — reactive:codex-practical-dev-tool
- [61] Codex on mobile - ChatGPT — reactive:codex-practical-dev-tool
- [62] OpenAI Codex Arrives on Windows with Native Sandbox and Agentic Workflows | Windows Forum — reactive:openai-codex-enterprise-rollout
- [63] The Codex app is now on Windows - Codex - OpenAI Developer Community — reactive:openai-codex-enterprise-rollout
- [64] The Codex app is now on Windows - YouTube — reactive:openai-codex-enterprise-rollout
- [65] Codex - Free download and install on Windows | Microsoft Store — reactive:openai-codex-enterprise-rollout
- [66] 🚨Codex CLI 0.133.0 is out! — reactive:openai-codex-enterprise-rollout (2026-05-21)
- [67] Codex CLI 0.133.0 is out. — reactive:openai-codex-enterprise-rollout (2026-05-21)
- [68] Enterprise AI coding just crossed the procurement line: GPT-5.3-Codex is now the Copilot Business/Enterprise base model,... — reactive:openai-codex-enterprise-rollout (2026-05-21)