Brief IA

OpenAI Unveils GPT-5.5-Cyber for Security Experts

🤖 Models & LLM·Tom Levy·

OpenAI Unveils GPT-5.5-Cyber for Security Experts

OpenAI Unveils GPT-5.5-Cyber for Security Experts
Key Takeaways
1OpenAI has launched GPT-5.5-Cyber, an AI model with reduced security filters, intended for verified security researchers.
2The model is available in three tiers, with the most permissive level reserved for critical infrastructure defenders, in partnership with Cisco and CrowdStrike.
3GPT-5.5-Cyber competes with Anthropic's Mythos in cyberattack testing, as the White House considers new regulations.
💡Why it mattersThis initiative from OpenAI could transform how security experts approach the detection and management of cyber threats, while raising crucial regulatory questions.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

OpenAI recently launched GPT-5.5-Cyber, an artificial intelligence model specifically designed for verified security researchers. This model stands out due to its reduced security filters, allowing tasks such as penetration testing and malware analysis, operations often hindered by the restrictions of standard models.

Access to GPT-5.5-Cyber is structured in several tiers. OpenAI now divides access into three levels: the public model with standard restrictions, an intermediate level with relaxed filters for defensive work, and GPT-5.5-Cyber with the least restrictions for authorized penetration testing. The most permissive level is reserved for authorized defenders of critical infrastructure, in partnership with companies like Cisco and CrowdStrike. This approach aims to balance the need for security with the flexibility required for legitimate research work.

GPT-5.5-Cyber performs roughly at the same level as Mythos Preview from Anthropic regarding the detection and exploitation of software vulnerabilities. A source told the tech media outlet Axios that this model competes with Mythos in these areas. Anthropic takes a more restrictive approach, limiting access to Mythos to about 40 organizations through its Glasswing project. Meanwhile, the White House is considering regulating such releases, discussing executive orders that could give the government more power over how these types of models are published.

Features and Restrictions

The GPT-5.5-Cyber model is designed to be less restrictive on security topics. For example, while the public model refuses to provide a functional exploit for a known vulnerability, the intermediate level offers the code with documentation. GPT-5.5-Cyber goes even further. In a demonstration scenario, it actually executes the attack against a test server, takes control of the system, and reads system information. The system allows tasks such as malware analysis or reviewing security patches. According to OpenAI, it still blocks actions like password theft or attacking third-party systems. OpenAI clarifies that this variant is not smarter than the standard model; it is simply less constraining for security researchers. Starting from June 1, 2026, users at the highest access level will need to enable phishing-resistant authentication.

Partnerships and Access

Launch partners include leading companies such as Cisco, CrowdStrike, Palo Alto Networks, Cloudflare, Intel, Snyk, and SentinelOne. Through Codex Security, some developers working on open-source projects also benefit from discounted access.

Implications for Security and Regulation

This advancement from OpenAI comes at a time when Silicon Valley and regulators are questioning the offensive capabilities of new AI models. The AI Security Institute in the UK tested GPT-5.5 in a series of simulated attacks against a corporate network involving 32 steps. The model completed the full chain in 2 out of 10 trials, while Mythos succeeded 3 out of 10. In some individual expert-level tasks, GPT-5.5 even slightly outperformed its competitors.

The release of GPT-5.5-Cyber by OpenAI could thus reshape the cybersecurity landscape while raising crucial questions about regulation and the ethics of AI.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.