OpenAI expands 'Daybreak' cyber program: New tools, partnerships, and a cyber-focused GPT-5.5 aim to help 'patch the world'
The company has added new tools, signed up partners, and released its GPT-5.5-Cyber model more widely
OpenAI has expanded its Daybreak cybersecurity initiative to cover fixing vulnerabilities, not just identifying them.
The AI developer has introduced a series of new tools, and signed up a host of partners to lead the scheme, including Accenture, Check Point, Cisco, CrowdStrike, IBM, and more.
"Vulnerability reports, on their own, do not protect anyone. The value comes from validating the issue, understanding its impact, developing and testing a patch, coordinating disclosure, and helping teams deploy the fix," said the firm.
"We are investing alongside our partners to improve these latter steps, in order to turbocharge defenders and convert model capability into real-world risk reduction."
OpenAI said it has tweaked models to discover and generate patches for critical vulnerabilities in major browsers, network infrastructure, and operating systems such as FreeBSD and the Linux kernel.
To scale the effectiveness of these capabilities, it's launching an update to the Codex Security plugin.
This aims to speed up the process of discovering and patching vulnerabilities in existing systems, as well as automatically preventing new vulnerabilities from ever reaching production.
OpenAI touts GPT-5.5-Cyber capabilities
Notably - and following an initial permissive-only preview - OpenAI confirmed plans to launch the full version of GPT‑5.5‑Cyber through a continued limited release.
The company is also working with researchers, maintainers, enterprises, and partners for its Patch the Planet initiative, founded with Trail of Bits to help widely used open source projects move from findings to fixes.
More than 30 open source projects have committed to participate so far, including:
- cURL
- Go
- Python
- Sigstore
- pyca/cryptography
OpenAI leans on partners
Elsewhere, the new OpenAI Daybreak Cyber Partner Program allows participating organizations to use GPT‑5.5 with Trusted Access for Cyber in the security products and services they provide.
This, the firm said, allows their customers to get the benefits of the model’s defensive capabilities and make their software more resilient, but still keeps direct model access in the hands of participating partners.
“Organizations are looking for practical ways to apply AI to strengthen cyber defence while maintaining strong governance and safety controls,” said Ryan Kalember, chief strategy officer at Proofpoint.
“By incorporating GPT-5.5 through the OpenAI Cyber Partner Program into Proofpoint’s products, services, and AI-powered security workflows, we can help security teams improve threat investigation, decision-making, and efficiency as they protect their people, data, and AI agents."
Government engagement
OpenAI said it's also been working with government bodies in Australia, Canada, France, Germany, Japan, the Republic of Korea and the EU, on cyber testing, evaluation, and standards.
"We also have a growing and trusted partnership with the UK government around cyber testing and evaluation, and other areas of mutual interest," said the firm.
"We plan to work directly with eligible operators of critical infrastructure, including government networks, to develop safeguards tailored to the systems they operate."
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
-
Workday hits back amid lawsuit claiming AI recruitment discriminationNews Is AI hiring discriminatory? A California has given the go-ahead for a class action suit against Workday
-
'LineShine' supercomputer bags first place on Top500News The Shenzhen-based LineShine supercomputer pushes El Capitan and co further down the rankings
-
IT teams are bullish on AI tools, but they’re worried security practices can’t keep paceNews Executives and IT teams are at odds over the risks associated with AI adoption
-
Hackers are capitalizing on AI hype to ramp up social engineering attacks – and they're using big brands like Anthropic, OpenAI, and DeepSeek as ‘bait’ to lure victimsNews Microsoft says cyber criminals are impersonating popular AI platforms to deliver malware
-
‘These sorts of post-compromise techniques used to be restricted to actors with the technical knowledge to carry them out’: Anthropic warns AI is helping lower the bar for up-and-coming hackersNews AI is making it harder to differentiate between high and low-skilled actors
-
AI is shrinking attack windows, and it’s forcing a complete rethink of cyber resilience – here’s how organizations can prepareNews Commvault has urged companies to improve their business continuity and resilience plans in the face of flaws spotted by AI
-
Google says AI is now being used to build zero-days – and we just narrowly avoided a 'mass exploitation event'News Google cyber researchers think they’ve found the first AI-generated zero-day exploit
-
Everything you need to know about ChatGPT’s new Advanced Account Security featuresNews OpenAI has introduced new tools to tightening up access to ChatGPT, Codex, and its other AI tools
