The Information Machine

OpenAI Codex Enterprise Push: Mobile Launch, Windows Sandbox, and Customer Stories · history

Version 4

2026-05-23 02:38 UTC · 220 items

What

OpenAI's enterprise Codex campaign reached two opposing milestones simultaneously. Gartner named OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents [7][8][9], providing the first independent analyst recognition to appear in the public record and addressing a persistent gap in third-party validation. At the same time, CVE-2025-59532 confirmed a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user documented building their own sandbox after Codex deleted files on their machine [11] — converting theoretical security fears into documented incidents. GitHub formalized the multi-vendor pattern by officially launching Claude and Codex as selectable agents in its Agent HQ platform in public preview [15][16], and Microsoft added Codex to Azure OpenAI in Microsoft Foundry Models [18], expanding enterprise distribution beyond the Dell on-premises partnership.

Why it matters

The Gartner designation clears the most common enterprise procurement hurdle — analyst firm validation — while the CVE simultaneously raises the risk profile for security-conscious adopters. Together they illustrate a pattern common to enterprise platform races: credibility signals and security incidents arriving at the same time. The GitHub Agent HQ and Azure Foundry integrations cement Codex as a commodity component within larger platforms, which expands reach at the cost of differentiation and strengthens the substitutability narrative that undercuts OpenAI's lock-in strategy.

Open questions

  • CVE-2025-59532 confirmed a sandbox bypass RCE in the Codex CLI [10][14] — has OpenAI issued a patch, and does the vulnerability scope extend to the Windows sandbox or only to CLI/Linux deployments?

  • Gartner named OpenAI a Leader in enterprise coding agents [8][9], but the report criteria are not public — how does Codex compare to GitHub Copilot, Cursor, and Claude Code in the evaluation, and does the designation cover the CLI, the web app, or both?

  • Microsoft published Azure/Foundry documentation for Codex [18] as a path distinct from the Dell on-premises partnership [5] — do the two channels offer equivalent agentic capabilities, or does Azure impose constraints on multi-step autonomous tasks?

  • A community user documented building their own sandbox after Codex deleted files on their machine [11] — does OpenAI publish incident response guidance or rollback procedures for agentic file-system operations that cause unintended damage?

Narrative

OpenAI's push to establish Codex as the dominant enterprise coding platform across April–May 2026 combines user-growth metrics, sector-spanning customer stories, GSI and hardware partnerships, and platform expansion across devices and operating systems. An April 21 blog post reported Codex weekly active developers growing from 3 million to over 4 million in roughly two weeks [1], simultaneously announcing Codex Labs and partnerships with seven global systems integrators — Accenture, Capgemini, CGI, Cognizant, Infosys, PwC, and TCS [1]. Named customer deployments span NVIDIA (production software delivery and research acceleration with Codex and GPT-5.5) [2], AutoScout24 (faster engineering cycles) [3], Sea Limited (AI-native development) [4], and a second wave covering Virgin Atlantic, Ramp, Notion, Cisco, and Rakuten across test coverage, code review, incident response, and repository reasoning [1]. A Dell Technologies partnership announced May 18 addressed the most common enterprise security objection by enabling on-premises and hybrid deployment, while also extending Codex's framing beyond coding into report preparation, lead qualification, and cross-system workflow coordination [5][6].

Two late-May developments altered the evidence landscape in opposing directions. Gartner named OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents [7][8][9] — the first independent analyst validation to appear in the public record, addressing a prior gap where all substantive performance and adoption claims originated from OpenAI's own blog or co-published customer materials. On the security side, CVE-2025-59532 documented a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user published an account of building their own sandbox after Codex deleted files on their machine [11] — incidents that give concrete specificity to concerns previously articulated only as theoretical fears [12]. OpenAI separately launched Codex Security as a research preview [13], and Cymulate published mitigations for the RCE and prompt injection attack vectors [14], indicating that the security surface is receiving attention from both OpenAI and third-party researchers, though the patch status for CVE-2025-59532 has not been publicly confirmed.

Distribution expanded on two additional fronts beyond Dell. GitHub formally launched Claude and Codex as selectable agents in its Agent HQ platform in public preview [15][16], providing official VS Code integration documentation [17] for what had previously been visible only in community experimentation. Microsoft published Azure OpenAI documentation for Codex within Microsoft Foundry Models [18], adding a cloud-sovereign enterprise deployment path. Infosys issued a formal press release on its strategic collaboration with OpenAI [19][20], but CRN India captured the headline 'Infosys goes model-agnostic as OpenAI builds' [21] — a stance that treats Codex as one tool within a multi-vendor portfolio rather than a committed platform choice. UiPath's platform and GitHub's Agent HQ both formalize this pattern by treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components [22][23][15], expanding Codex's reach while simultaneously framing it as a commodity. A new $100/month Pro tier [24] and a 2-month free enterprise trial [25] complete a picture in which pricing, availability, and partnerships are shifting simultaneously across a competitive market where Anthropic and OpenAI ran simultaneous dueling enterprise promotions on the same day [26].

Timeline

  • 2026-04-21: OpenAI publishes 'Scaling Codex to enterprises worldwide,' reporting 4M+ weekly active developers, announcing Codex Labs, and naming seven GSI partners: Accenture, Capgemini, CGI, Cognizant, Infosys, PwC, and TCS [1]
  • 2026-04-29: Business and Enterprise Codex plans switch to Fast Mode as default, providing 2.5x usage allocation [59]
  • 2026-05-12: OpenAI publishes NVIDIA and AutoScout24 enterprise case studies alongside a finance-team Codex tutorial [2][3][27]
  • 2026-05-13: OpenAI opens a 2-month free Codex Enterprise trial for new business sign-ups [25]
  • 2026-05-14: Codex launches in ChatGPT mobile app on iOS and Android in preview across all plans; Sea Limited case study published [28][4][60][61]
  • 2026-05-15: OpenAI publishes engineering retrospective on the Windows sandbox, detailing rejected primitives and the final composed security architecture [29]
  • 2026-05-16: Codex Windows app launches in Microsoft Store; community user later reports building their own sandbox after Codex wiped files on their machine [62][63][11][64][65]
  • 2026-05-18: OpenAI and Dell Technologies announce partnership to deploy Codex in hybrid and on-premises enterprise environments; announcement explicitly extends Codex scope to knowledge work including report preparation and lead qualification [5][32][33][6][34][35]
  • 2026-05-20: UiPath launches enterprise platform treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components; Infosys issues formal press release on strategic collaboration with OpenAI while publicly positioning as model-agnostic [22][42][23][19][20][21]
  • 2026-05-21: GitHub officially launches Claude and Codex as selectable agents in Agent HQ platform in public preview with VS Code integration; Codex CLI 0.133.0 released; GPT-5.3-Codex reported as new base model for Copilot Business and Enterprise plans [15][16][36][17][38][66][67][68]
  • 2026-05-22: Gartner names OpenAI a Leader in its 2026 Magic Quadrant for enterprise coding agents; CVE-2025-59532 (Codex CLI sandbox bypass RCE) disclosed publicly; Microsoft publishes Azure OpenAI/Foundry documentation for Codex; new $100/month Pro tier announced [7][8][9][10][14][18][24]
  • 2026-05-23: OpenAI Codex Security research preview announced; Cymulate publishes mitigations for Codex CLI RCE and prompt injection vectors [13][14][48]

Perspectives

OpenAI (product and marketing)

Positions Codex as a production-ready, cross-platform, enterprise-grade platform with broad industry adoption, rapid user growth, expanding GSI and hardware partnerships, and — in the Dell announcement — an explicit ambition to serve knowledge work beyond software development. The Gartner Leader designation provides external validation for this positioning.

Evolution: Scope expanded: Dell announcement frames Codex as a knowledge-work platform [5]; Gartner validation now in public record [8]; Codex Security research preview [13] signals proactive attention to the security surface

OpenAI (engineering, Windows sandbox)

Candid about the difficulty of sandboxing an agentic workflow on Windows, openly acknowledging dead ends and explicit security-versus-usability tradeoffs in the final composed design

Evolution: Consistent in register; CVE-2025-59532 [10] and community file-deletion reports [11] now test the credibility of engineering-blog assurances post-hoc

Dell Technologies

Infrastructure partner enabling on-premises and hybrid Codex deployment, framing the arrangement as bringing AI coding agents into governed enterprise environments with data-residency controls and integration with the Dell AI Factory

Evolution: Consistent

GitHub / Microsoft

GitHub formally launched Claude and Codex as selectable agents in Agent HQ in public preview with official VS Code integration documentation; Microsoft separately published Azure OpenAI/Foundry documentation for Codex, positioning it as a cloud-sovereign enterprise deployment option

Evolution: GitHub moves from community-experimentation context to an official product voice; Microsoft/Azure represents a new distribution channel not previously documented [18]

Infosys

Official Codex GSI partner that simultaneously positions itself as model-agnostic, treating Codex as one tool within a multi-vendor AI portfolio rather than a committed platform choice

Evolution: Formal press release now documents the collaboration publicly [19][20], making the model-agnostic stance simultaneously more official and more precisely framed; CRN India captured it as 'Infosys goes model-agnostic as OpenAI builds' [21]

UiPath

Launched a multi-vendor enterprise platform treating Codex, Claude Code, and GitHub Copilot as interchangeable selectable components within a broader enterprise integration layer

Evolution: Consistent

Gartner

Named OpenAI a Leader in the 2026 Magic Quadrant for enterprise coding agents, providing the first independent analyst validation in the public record for Codex's enterprise positioning

Evolution: New voice; addresses the prior absence of third-party validation

Security researchers (Miggo, Cymulate)

Disclosed CVE-2025-59532, a sandbox bypass enabling remote code execution in the Codex CLI; Cymulate published mitigations for RCE and prompt injection attack vectors; additional researchers documented Windows sandbox hardening gaps

Evolution: New voice; introduces concrete, numbered vulnerability evidence into a conversation that had been limited to community speculation

NVIDIA

Active adopter using Codex alongside GPT-5.5 for both production software delivery and research acceleration

Evolution: Consistent; no new disclosures

Competitive observers and enterprise developer community

Frame OpenAI's free trial as a targeted competitive move against Anthropic; report concrete file-system damage from Codex agentic operations; document multi-agent orchestration treating Codex and Claude Code as interchangeable; note transparency gaps around Windows and EU/UK feature rollout timelines

Evolution: Community documentation of concrete harm — file deletion [11] — elevates sandbox risk discourse from theoretical to empirical; GitHub Agent HQ is now an official product path rather than a community workaround [15]

Tensions

  • OpenAI's engineering post claims a carefully composed, multi-layer Windows sandbox architecture designed to withstand bypass attempts [29], but CVE-2025-59532 confirmed a sandbox bypass enabling remote code execution in the Codex CLI [10], and a community user built their own sandbox after Codex deleted files on their machine [11] — demonstrating that engineering-blog assurances and documented vulnerabilities now coexist in the public record without reconciliation. [29][11][10][14][50][51]
  • OpenAI markets Codex as a uniquely positioned, purpose-built enterprise coding platform, but Infosys — one of its seven named GSI partners — publicly positions itself as model-agnostic [42][21], UiPath bundles Codex alongside Claude Code and GitHub Copilot as interchangeable components [22][23], and GitHub's Agent HQ formally treats Claude and Codex as equivalent selectable agents [15][16] — contradicting the differentiation narrative while simultaneously expanding distribution reach. [22][42][23][21][15][16][1]
  • The Gartner Magic Quadrant Leader designation [8][9] partially addresses the prior absence of independent validation, but all named enterprise customer performance claims — faster cycles at AutoScout24, production shipping at NVIDIA, AI-native development at Sea Limited — still originate from OpenAI's own blog or co-published materials [1][2][3][4], and the simultaneous free trial offer [25] and dueling promotions [53][26] suggest OpenAI is still competing for market position rather than reporting from a settled installed base. [8][9][1][2][3][4][53][26][25]
  • OpenAI frames Codex as a coding agent being extended into knowledge work including report preparation and lead qualification [5], but UiPath — whose core business is enterprise automation — absorbs Codex as one component within its own orchestration layer [44][45], and GitHub integrates it as one agent among peers in Agent HQ [15] — raising whether Codex is expanding into their territory or being subsumed by it. [5][44][45][15]

Sources

  1. [1] Scaling Codex to enterprises worldwide — OpenAI Blog (2026-04-21)
  2. [2] How NVIDIA engineers and researchers build with Codex — OpenAI Blog (2026-05-12)
  3. [3] AutoScout24 scales engineering with AI-powered workflows — OpenAI Blog (2026-05-12)
  4. [4] Sea's View on the Future of Agentic Software Development with Codex — OpenAI Blog (2026-05-14)
  5. [5] OpenAI and Dell partner to bring Codex to hybrid and on-premise enterprise environments — OpenAI Blog (2026-05-18)
  6. [6] OpenAI + Dell just brought Codex into enterprise infrastructure. On-premises. No cloud required. — reactive:openai-codex-enterprise-rollout (2026-05-19)
  7. [7] Codex、Gartnerの企業向けAIコーディングLeaderに選出 💻🤖 — reactive:openai-codex-enterprise-rollout (2026-05-23)
  8. [8] 🎯 CONFIRMED: OpenAI named a Leader in Gartner’s 2026 Magic Quadrant for enterprise coding agents — Codex is now enterpri... — reactive:openai-codex-enterprise-rollout (2026-05-22)
  9. [9] BREAKING: OpenAI named a leader in enterprise coding agents by Gartner. Codex is officially setting the standard for lar... — reactive:openai-codex-enterprise-rollout (2026-05-22)
  10. [10] CVE-2025-59532: Codex CLI Sandbox Bypass RCE | Miggo — reactive:openai-codex-enterprise-rollout
  11. [11] Built a Windows sandbox after Codex wiped files on my machine — reactive:openai-codex-enterprise-rollout
  12. [12] @thsottiaux Still terrified of possibility that Codex/Windows can do something outside of self-configured sandbox. Pleas... — reactive:openai-codex-enterprise-rollout (2026-05-18)
  13. [13] Codex Security: now in research preview - OpenAI — reactive:openai-codex-enterprise-rollout
  14. [14] Codex CLI RCE & Prompt Injection Mitigations — reactive:openai-codex-enterprise-rollout
  15. [15] Pick your agent: Use Claude and Codex on Agent HQ — reactive:openai-codex-enterprise-rollout
  16. [16] Claude and Codex are now available in public preview on GitHub — reactive:openai-codex-enterprise-rollout
  17. [17] Third-party agents in Visual Studio Code — reactive:openai-codex-enterprise-rollout
  18. [18] Codex with Azure OpenAI in Microsoft Foundry Models — reactive:openai-codex-enterprise-rollout
  19. [19] Infosys Announces Strategic Collaboration with OpenAI to Accelerate Enterprise AI Transformation and Unlock AI Value at Scale — reactive:openai-codex-enterprise-rollout
  20. [20] Infosys Announces Strategic Collaboration with OpenAI to Accelerate Enterprise AI Transformation and Unlock AI Value at Scale — reactive:openai-codex-enterprise-rollout
  21. [21] Infosys Partners with OpenAI on Codex | CRN India posted on the ... — reactive:openai-codex-enterprise-rollout
  22. [22] UiPath Launches Enterprise Platform for Claude Code, OpenAI Codex, Copilot, and More - https://t.co/BKLcG2k1oK @UiPath @... — reactive:openai-codex-enterprise-rollout (2026-05-20)
  23. [23] UiPath opens its platform to every coding agent - here's why Claude Code and Codex go first — reactive:openai-codex-enterprise-rollout
  24. [24] Introducing New $100/month Pro Tier - Announcements - OpenAI Developer Community — reactive:openai-codex-enterprise-rollout
  25. [25] Get 2 months of Codex for your enterprise, free — reactive:openai-codex-enterprise-rollout (2026-05-13)
  26. [26] OpenAI and Anthropic spent Wednesday lobbing dueling promos at enterprise developers, treating AI coding tools as the ne... — reactive:openai-codex-enterprise-rollout (2026-05-16)
  27. [27] How finance teams use Codex — OpenAI Blog (2026-05-12)
  28. [28] Work with Codex from anywhere — OpenAI Blog (2026-05-14)
  29. [29] Building a safe, effective sandbox to enable Codex on Windows — OpenAI Blog (2026-05-15)
  30. [30] Sandbox – Codex | OpenAI Developers — reactive:openai-codex-enterprise-rollout
  31. [31] How we built the Codex sandbox for Windows: — reactive:openai-codex-enterprise-rollout
  32. [32] OpenAI and Dell Technologies partner to bring Codex to hybrid and on-premises enterprise environments | OpenAI https://t... — reactive:openai-codex-enterprise-rollout (2026-05-20)
  33. [33] OpenAI and Dell Collaborate to Deploy Codex in Hybrid and On-Premise Enterprise Settings — reactive:openai-codex-enterprise-rollout (2026-05-20)
  34. [34] OpenAI and Dell just announced a partnership to bring Codex into hybrid and on-premises enterprise environments. — reactive:openai-codex-enterprise-rollout (2026-05-19)
  35. [35] OpenAI and Dell are moving Codex toward governed enterprise infrastructure: hybrid/on-prem data, systems of record, and ... — reactive:openai-codex-enterprise-rollout (2026-05-18)
  36. [36] GitHub brings Claude and Codex agents directly into Copilot - Tessl — reactive:openai-codex-enterprise-rollout
  37. [37] How GitHub Copilot Agent HQ is Transforming Development ... — reactive:openai-codex-enterprise-rollout
  38. [38] GitHub Copilot · Agents on GitHub — reactive:openai-codex-enterprise-rollout
  39. [39] GitHub Agent HQ: Multi-Agent Platform Guide 2025 - Digital Applied — reactive:openai-codex-enterprise-rollout
  40. [40] Infosys, OpenAI partner on enterprise AI coding | INFY Stock News — reactive:openai-codex-enterprise-rollout
  41. [41] OpenAI and Infosys expand Codex partnership for enterprise rollout — reactive:openai-codex-enterprise-rollout
  42. [42] Infosys goes model-agnostic as OpenAI builds GSI network to scale ... — reactive:openai-codex-enterprise-rollout
  43. [43] UiPath for Coding Agents Released | DEVOPSdigest — reactive:openai-codex-enterprise-rollout
  44. [44] From AI speed to enterprise reliability: introducing UiPath for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
  45. [45] Unlocking Enterprise Transformation at Scale With UiPath for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
  46. [46] Quickstart: Coding agents with UiPath Skills - Vote on Tutorials - UiPath Community Forum — reactive:openai-codex-enterprise-rollout
  47. [47] Enterprise Automation Platform for Coding Agents | UiPath — reactive:openai-codex-enterprise-rollout
  48. [48] A recently disclosed vulnerability in OpenAI Codex shows how AI ... — reactive:openai-codex-enterprise-rollout
  49. [49] Codex Security | OpenAI Help Center — reactive:openai-codex-enterprise-rollout
  50. [50] Codex Sandbox: How Windows Security Failed the AI Agent Test And Linux Didn't — reactive:openai-codex-enterprise-rollout
  51. [51] Windows sandbox hardening · Issue #23912 · openai/codex - GitHub — reactive:openai-codex-enterprise-rollout
  52. [52] Everyone is finding vulns. The hard part is proving them. — ProjectDiscovery Blog — reactive:openai-codex-enterprise-rollout
  53. [53] Codex offers free 2 month subscription to enterprise to shift claude customer base to openai — reactive:openai-codex-enterprise-rollout (2026-05-16)
  54. [54] New Windows update messed up Codex sandbox on windows. It won’t ever go away when clicking setup. It says successful the... — reactive:openai-codex-enterprise-rollout (2026-05-17)
  55. [55] I built an orchstrator that manages 30 agent (Claude Code, Codex ... — reactive:openai-codex-enterprise-rollout
  56. [56] Claude & Codex Agents in GitHub Copilot| Agent HQ in Action — reactive:openai-codex-enterprise-rollout
  57. [57] Use Claude and Codex on Agent HQ. (Github & Github Copilot) — reactive:openai-codex-enterprise-rollout
  58. [58] @jxnlco Honestly - transparency with timelines for Windows and EU/UK feature roll outs. — reactive:openai-codex-enterprise-rollout (2026-05-22)
  59. [59] Business and Enterprise Codex plans now default to Fast Mode (2.5x usage) — reactive:openai-codex-enterprise-rollout (2026-04-29)
  60. [60] OpenAI says Codex is coming to your phone - TechCrunch — reactive:codex-practical-dev-tool
  61. [61] Codex on mobile - ChatGPT — reactive:codex-practical-dev-tool
  62. [62] OpenAI Codex Arrives on Windows with Native Sandbox and Agentic Workflows | Windows Forum — reactive:openai-codex-enterprise-rollout
  63. [63] The Codex app is now on Windows - Codex - OpenAI Developer Community — reactive:openai-codex-enterprise-rollout
  64. [64] The Codex app is now on Windows - YouTube — reactive:openai-codex-enterprise-rollout
  65. [65] Codex - Free download and install on Windows | Microsoft Store — reactive:openai-codex-enterprise-rollout
  66. [66] 🚨Codex CLI 0.133.0 is out! — reactive:openai-codex-enterprise-rollout (2026-05-21)
  67. [67] Codex CLI 0.133.0 is out. — reactive:openai-codex-enterprise-rollout (2026-05-21)
  68. [68] Enterprise AI coding just crossed the procurement line: GPT-5.3-Codex is now the Copilot Business/Enterprise base model,... — reactive:openai-codex-enterprise-rollout (2026-05-21)