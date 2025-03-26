We’re sharing developments that reflect our progress, momentum and forward-looking commitment to security excellence on our ambitious path toward AGI.

Evolving our Cybersecurity Grant Program

Since launching the Cybersecurity Grant Program two years ago ⁠, we've reviewed over a thousand applications and funded 28 research initiatives, gaining critical insights into areas like prompt injection, secure code generation and autonomous cybersecurity defenses.

We're continuing to fund bold, innovative projects aimed at advancing the sciences of AI and cybersecurity.

The Cybersecurity Grant Program is now soliciting proposals for a wider range of projects. Priority focus areas for new grant applications include:

Software patching : Leveraging AI to detect and patch vulnerabilities.

Model privacy : Enhancing robustness against unintended exposure of private training data.

Detection and response : Improving detection and response capabilities against advanced persistent threats.

Security integration : Boosting accuracy and reliability of AI integration with security tools.

Agentic security : Increasing resilience in AI agents against sophisticated attacks.

We are also introducing microgrants for high quality proposals. These are API credits provided to researchers for quickly prototyping innovative cybersecurity ideas and experiments.

If you are interested in participating, we invite you to submit a proposal here ⁠.

Open-source security research

In addition to the Cybersecurity Grant Program, we are engaging researchers and practitioners throughout the cybersecurity community. This allows us to leverage the latest thinking and share our findings with those working toward a more secure digital world. To train our models, we partner with experts across academic, government, and commercial labs to benchmark skills gaps and obtain structured examples of advanced reasoning across cybersecurity domains. Collaboration has yielded impressive results on topics such as code security, an area where we intend to be industry leading with our model’s ability to find and patch vulnerabilities in code. We’ve internally demonstrated state of the art capability in this area with industry leading scores on public benchmarks, have found vulnerabilities in open source software code, and will be releasing security disclosures to relevant open source parties as we identify them and scale.

Expanding our Security Bug Bounty Program

Our Security Bug Bounty Program ⁠ rewards security researchers for responsibly identifying vulnerabilities and threats within our infrastructure and products. We are making program enhancements to better address evolving threats.

Increased maximum bug bounty payouts

We are significantly increasing the maximum bounty payout for exceptional and differentiated critical findings to $100,000 (previously $20,000). This increase reflects our commitment to rewarding meaningful, high-impact security research that helps us protect users and maintain trust in our systems.