OpenAI Increases ‘Trusted Access for Cyber’ with release of GPT-5.5 and GPT-5.5-Cyber

After releasing Chat-GPT 5.5, OpenAI is now rolling out GPT-5.5-Cyber in limited preview to defenders responsible for securing critical infrastructure to support specialized cybersecurity workflows that help protect the broader ecosystem.

According to the company, “we are focused on providing proportional safeguards and access to empower cyber defenders to protect society, and our approach has been informed by conversations with cybersecurity and national security leaders across federal and state government and major commercial entities.”

The cyber defense ecosystem is broad, and GPT-5.5 and GPT-5.5-Cyber play different roles in meeting the needs of organizations and researchers across it, depending on the task, the setting, and the safeguards around how the model is used, OpenAI said.

Trusted Access for Cyber is an identity and trust-based framework designed to help ensure enhanced cyber capabilities are being placed in the right hands. It is designed to make the cyber capabilities of GPT-5.5 more useful for verified defenders working on defensive tasks, while continuing to restrict requests that could enable real-world harm, the company said.

When defenders are vetted and approved for Trusted Access for Cyber, they receive lower classifier-based refusals to enable authorized cybersecurity workflows, including vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering, and patch validation. Safeguards continue to block malicious activity such as credential theft, stealth, persistence, malware deployment, or exploitation of third-party systems.

With increased access, defenders are required to have phishing-resistant account security protections. Individual members of Trusted Access for Cyber accessing OpenAI’s most cyber capable and permissive models will be required to enable Advanced Account Security beginning June 1, 2026. Organizations with trusted access can, as an alternative, attest that they have phishing resistant authentication as part of their single sign-on workflow.

For most defenders, GPT-5.5 with Trusted Access for Cyber is the right starting point: this model can handle most legitimate defensive workflows while preserving the model's broad strengths and safety posture. That includes secure code review, vulnerability triage, malware analysis, detection engineering, and patch validation, said the vendor.

More specialized access becomes relevant only when authorized workflows still run into refusals. This occurs with higher risk workflows such as red teaming and penetration testing, where defenders may need to go beyond analysis, and validate exploitability in a controlled environment. GPT-5.5-Cyber is designed to facilitate these more specialized dual-use workflows.

Additoonally, the company is partnering with security vendors “because they sit where model capability can become customer protection: discovery, development, detection, response, and network enforcement.” When those layers improve together, they create a security flywheel: researchers disclose vulnerabilities with exploit proof-of-concepts and patch guidance, software supply chain tools prevent vulnerable code and compromised dependencies from reaching production, EDR and SIEM partners detect exploitation in the wild, and network and security providers deploy WAF-level mitigations while fixes roll out.

The next turn is preventing known-bad code from reaching production in the first place. Once a vulnerability or package compromise is understood, software supply chain tools can help stop risky dependencies, malicious updates, and vulnerable code paths before they spread across customer environments, OpenAI said.

As models become more capable in cybersecurity, the best use of that capability is to help defenders find and fix weaknesses faster.

“Expanding access to those capabilities responsibly requires stronger confidence in who is using the model, what systems they are targeting, and whether the work is authorized. As stronger identity and organization verification, approved-use scoping, and misuse monitoring improve, we expect access to broaden over time,” said the company.

For more information about this news, visit https://openai.com.