OpenAI Revolutionizes Cybersecurity with Daybreak and Codex Security
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
On May 11, OpenAI announced the launch of Daybreak, an innovative initiative dedicated to cybersecurity. This platform brings together specialized AI models, including the Codex Security agent, and relies on a vast network of influential partners in the field of cybersecurity. Daybreak aims to integrate cybersecurity from the earliest stages of software development, rather than addressing it as an afterthought.
Daybreak: Securing Code from Its Design
Daybreak unites several existing technologies around a common goal: to integrate cybersecurity into the software development cycle. At the heart of this initiative is Codex Security, an agent launched in March that analyzes an organization's code repositories, builds editable threat models, identifies the most likely attack paths, and generates tested patches in an isolated environment.
Daybreak's features include secure code review, where Codex Security analyzes the codebase to identify complex vulnerabilities by following data flows between files. The agent also constructs an editable threat model from the repository and validates patches in an isolated environment to report only real and reproducible issues.
Dependency analysis is another key function, where third-party libraries integrated into the project are evaluated for associated risks. Finally, the detection and remediation of high-impact vulnerabilities are ensured through end-to-end automated monitoring. Audit evidence is sent back to the organizations' systems to ensure rigorous tracking.
Among the partners associated with the launch of Daybreak are renowned companies such as Cloudflare, Cisco, CrowdStrike, Palo Alto Networks, Oracle, Akamai, Fortinet, SentinelOne, Okta, and Snyk. OpenAI is also collaborating with government partners before deploying models with even more advanced cyber capabilities.
Cybersecurity: A Major Challenge for AI Giants
Cybersecurity has become a priority for major AI labs, as AI capabilities are increasingly being exploited by cyber attackers. Francis deSouza, president of security products at Google Cloud, recently emphasized that "human analysts simply cannot keep up with AI-driven attacks."
In early April, Anthropic launched Claude Mythos Preview as part of the Project Glasswing, a frontier model deemed too powerful for public release and restricted to around fifty organizations, including Apple, Microsoft, and Amazon. In just a few weeks of testing, Mythos identified thousands of critical vulnerabilities in major operating systems and browsers. Anthropic has since expanded its offensive with Claude Security, a tool for scanning and fixing vulnerabilities in code, which entered public beta in early May for Enterprise clients.
OpenAI did not wait for Daybreak to respond. By the end of April, Sam Altman announced the deployment of GPT-5.5-Cyber, a frontier variant of GPT-5.5 specialized in cyber defense, capable of identifying vulnerabilities, analyzing malware, and conducting penetration tests.
Google, for its part, opened this field during Google Cloud Next 26 at the end of April. Through the integration of Wiz, acquired for $32 billion, and the enhancement of Google SecOps, the group is deploying several AI agents covering threat hunting, detection, and, with Wiz's Green agent, automated remediation.
Deployment and Access to Daybreak
OpenAI has structured Daybreak around three levels of models, depending on the profile and usage: GPT-5.5 retains standard safeguards for general tasks (development, business knowledge), while GPT-5.5 with Trusted Access for Cyber (TAC) is reserved for accredited defense teams for workflows such as secure code review, vulnerability triage, malware analysis, and detection.
Finally, GPT-5.5-Cyber targets authorized specialized uses, such as red teaming and controlled penetration testing, with enhanced account-level checks. Access to these models is provided through the TAC program, available to all companies, from startups to multinationals, via an application form on the OpenAI website. Pricing details have not yet been disclosed.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.