Scaling Trusted Access for Cyber with GPT‑5.5 and GPT‑5.5‑Cyber
How our latest models help each layer of the defensive ecosystem and accelerate the security flywheel.
For years we’ve been chronicling our work to accelerate cybersecurity defenders, as part of our broader work to build the core infrastructure for AI. Last week, we released our action plan Cybersecurity in the Intelligence Age, which lays out our vision for democratizing AI-powered defense. Two weeks ago, we released GPT‑5.5, our smartest and most intuitive model to date, which is already delivering powerful cybersecurity capabilities to developers and security teams through Trusted Access for Cyber (TAC).
Today, we are rolling out GPT‑5.5‑Cyber in limited preview to defenders responsible for securing critical infrastructure to support specialized cybersecurity workflows that help protect the broader ecosystem.
We are focused on providing proportional safeguards and access to empower cyber defenders to protect society, and our approach has been informed by conversations with cybersecurity and national security leaders across federal and state government and major commercial entities.
The cyber defense ecosystem is broad, and GPT‑5.5 and GPT‑5.5‑Cyber play different roles in meeting the needs of organizations and researchers across it, depending on the task, the setting, and the safeguards around how the model is used. For most teams, GPT‑5.5 with TAC is our strongest broadly useful model for legitimate defensive work, with strong safeguards against misuse.
In this post, we are sharing more details on how Trusted Access for Cyber works, how GPT‑5.5 and GPT‑5.5‑Cyber meet the varied needs of defenders across the ecosystem, and how different levels of access affect model outputs.
Trusted Access for Cyber is an identity and trust-based framework designed to help ensure enhanced cyber capabilities are being placed in the right hands. It is designed to make the cyber capabilities of GPT‑5.5 more useful for verified defenders working on defensive tasks, while continuing to restrict requests that could enable real-world harm.
When defenders are vetted and approved for Trusted Access for Cyber, they receive lower classifier-based refusals to enable authorized cybersecurity workflows, including vulnerability identification and triage, malware analysis, binary reverse engineering, detection engineering, and patch validation. Safeguards continue to block malicious activity such as credential theft, stealth, persistence, malware deployment, or exploitation of third-party systems.
As we announced last week, with increased access, defenders are required to have phishing-resistant account security protections. Individual members of Trusted Access for Cyber accessing our most cyber capable and permissive models will be required to enable Advanced Account Security beginning June 1, 2026. Organizations with trusted access can, as an alternative, attest that they have phishing resistant authentication as part of their single sign-on workflow.
Here is a breakdown for how to think about the current trusted access levels:
Akses | Apa sing owah | Conto panggunaan sing dituju |
GPT‑5.5 (default) | Pangayoman standar kanggo panggunaan umum | Kagunaan umum, pangembang, lan pakaryan kawruh |
GPT‑5.5 kanthi Akses Tepercaya kanggo Siber | Pangayoman sing luwih presisi kanggo karya pertahanan sing wis diverifikasi ing lingkungan sing sah | Umume alur kerja keamanan defensif, kalebu tinjauan kode sing aman, triase kerentanan, analisis malware, rekayasa deteksi, lan validasi patch |
GPT‑5.5‑Cyber | Prilaku sing paling permisif kanggo alur kerja khusus sing diotorisasi, digandhengake karo verifikasi sing luwih kuwat lan kontrol tingkat akun | Akses pratinjau kanggo alur kerja khusus, kalebu red teaming sing sah, uji penetrasi, lan validasi sing dikontrol |
The differences between model access levels are most pronounced when comparing prompts and responses. The first example illustrates how GPT‑5.5 compares to GPT‑5.5 with Trusted Access for Cyber on a defensive task: create a proof-of-concept from a published vulnerability to validate remediation within an authorized environment.
- cve.org/CVERecord?id=CVE-2025-55182
- react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
For most defenders, GPT‑5.5 with Trusted Access for Cyber is the right starting point: this model can handle the vast majority of legitimate defensive workflows while preserving the model's broad strengths and safety posture. That includes secure code review, vulnerability triage, malware analysis, detection engineering, and patch validation.
More specialized access becomes relevant only when authorized workflows still run into refusals. This occurs with higher risk workflows such as red teaming and penetration testing, where defenders may need to go beyond analysis, and validate exploitability in a controlled environment. GPT‑5.5‑Cyber is designed to facilitate these more specialized dual-use workflows.
Here’s a simple example that shows what that looks like in practice:
GPT‑5.5 yaiku model kita sing paling pinter lan paling intuitif kanggo karya kawruh serbaguna lan tugas keamanan siber, lan iki model sing dikarepake bakal digunakake dening mayoritas para pembela keamanan siber. Kita ngevaluasi kinerja siber ing tugas-tugas sing mbutuhaké penalaran multi-langkah, panggunaan piranti, lan ketekunan ing saindhenging alur kerja pertahanan sing realistis.
Pratinjau wiwitan saka model cyber-permissive kaya GPT‑5.5‑Cyber ora dimaksudaké kanggo nambah kapabilitas siber kanthi signifikan ngluwihi GPT‑5.5 — model iki utamané dilatih supaya luwih permisif kanggo tugas-tugas sing gegayutan karo keamanan.
Minangka asilé, pratinjau kapisan iki ora diarep-arep bakal ngluwihi kinerja GPT‑5.5 ing saben evaluasi siber. Nanging, iki ndhukung proses penerapan iteratif kanggo nyepetake para pembela lan kanthi aman ndhukung alur kerja sah sing luwih khusus sing mbutuhake perilaku sing luwih permisif, digandhengake karo verifikasi sing luwih kuwat, pemantauan panyalahgunaan, penentuan cakupan panggunaan sing disetujoni, lan umpan balik mitra. Kanggo saiki, GPT‑5.5 kanthi Trusted Access for Cyber isih dadi titik wiwitan sing disaranake kanggo umume alur kerja keamanan.
Kita kerja bareng karo vendor keamanan amarga dheweke ana ing posisi ing ngendi kapabilitas model bisa dadi perlindungan pelanggan: panemuan, pangembangan, deteksi, respons, lan penegakan jaringan. Nalika lapisan-lapisan kuwi saya apik bebarengan, lapisan kasebut nggawe flywheel keamanan: para peneliti ngungkapake kerentanan kanthi bukti konsep eksploitasi lan pandhuan patch, piranti rantai pasokan piranti lunak nyegah kode rentan lan dependensi sing wis dikompromi supaya ora tekan produksi, mitra EDR lan SIEM ndeteksi eksploitasi ing lingkungan nyata, lan panyedhiya jaringan lan keamanan nerapake mitigasi tingkat WAF nalika perbaikan diluncurake.
GPT‑5.5 kanthi Trusted Access for Cyber minangka titik wiwitan sing jembar kanggo karya iki. Iki bisa mbantu para pembela sing wis diverifikasi supaya bisa luwih cepet ing saindhenging siklus urip keamanan, dene GPT‑5.5‑Cyber ngidini sakumpulan mitra sing luwih cilik nyinaoni alur kerja canggih ing ngendi prilaku akses khusus bisa dadi penting. Tujuane yaiku mbantu ekosistem keamanan nglindhungi pelanggan luwih cepet, banjur sinau saka umpan balik mitra babagan bagean endi sing mbutuhake evaluasi, verifikasi, utawa pangayoman sing luwih ketat.
Panyedhiya jaringan lan keamanan
Panyedhiya jaringan lan keamanan bisa nyuda paparan nalika perbaikan isih disebaraké kanthi bertahap. Nalika para pembela mvalidasi kerentanan lan ngawasi eksploitasi, dheweke uga bisa nerapake aturan WAF, mitigasi ing edge, lan owah-owahan konfigurasi sing nyuda efektivitas jalur serangan sing mungkin sadurunge saben sistem sing kena dampak wis diremediasi. GPT‑5.5 bisa ndhukung paninjauan aturan, analisis konfigurasi, investigasi insiden, lan manajemen pangowahan sing aman ing macem-macem lingkungan sing kompleks.
Kita kerja bareng karo para mitra iki kanggo mbantu kita ngevaluasi kepiye kemampuan kasebut bisa diwujudaké dadi perlindungan sing bisa ditrapaké pelanggan ing skala internet, kalebu kanggo infrastruktur kritis lan layanan publik sing nyuda paparan kanthi cepet iku penting.
“Ing Cisco, kita ndeleng model frontier minangka pengali daya sing kuat kanggo para pembela. Model kaya GPT-5.5 kanthi dhasar ngowahi laju operasi kita, sing ndadekake kita bisa tumindak luwih cepet ing kabeh bab, wiwit saka investigasi insiden nganti pangurangan paparan kanthi proaktif. Nanging kacepetan ora bisa diijolaké karo kapercayan. Nilai sejati saka teknologi iki ora ditemokake mung ing modelé wae, nanging ing kerangka kerja siap-kanggo-perusahaan sing kita bangun ing sakupenge. Kerangka kerja sing mbantu kita nggawe produk sing luwih aman. Fokus kita yaiku ngowahi proses pangembangan lan operasional sing aman nganggo kemampuan anyar iki. Kanggo kita, iki ateges mbisakake inovasi sing cepet lan uga bisa dipercaya.”
Riset kerentanan lan penambalan
Flywheel kasebut diwiwiti kanthi nemokake kerentanan, memvalidasi kekritisané, lan ngetrapake tambalan ing sistem sing kena dampak. GPT‑5.5 kanthi Trusted Access for Cyber bisa mbantu mayoritas kerja iki: mangerteni kode sing durung akrab, memetakake permukaan sing kena pengaruh, nelusuri akar panyebab, mriksa patch, mbangun alat reproduksi sing aman, nggawe prioritas tingkat keparahan, lan ngowahi temuan dadi pandhuan remediasi.
Sawetara riset kerentanan mbutuhake perilaku sing luwih permisif, utamane nalika mitra sing wis diwènèhi idin mbutuhake bukti konsep eksploitasi kanggo pengungkapan sing terkoordinasi utawa validasi sing dikontrol. Kuwi alur kerja ing ngendi GPT‑5.5‑Cyber bisa mbantu kita sinau kanthi sakumpulan mitra sing luwih cilik, kanthi verifikasi sing luwih ketat, pemantauan, lan loop umpan balik.
“Intel minangka pamimpin ing bidang silikon lan piranti lunak, nyedhiyakake pondasi sing bisa dipercaya kanggo industri komputasi global. Nalika model AI terus maju ing penalaran lan kacepetan, kemampuané kanggo ngenali, nganalisis, lan mbantu nyuda ancaman keamanan dadi saya kritis. Intel ngarep-arep bisa kerja bareng karo OpenAI kanggo nggawa kapabilitas AI sing ditata kelola lan bisa diskalakake menyang alur kerja siber ing donya nyata—mbantu perusahaan nyepetake riset kerentanan, nguwatake proses remediasi, lan makarya kanthi luwih aman ing skala gedhé.”
Deteksi lan pemantauan
Yen piranti lunak sing rentan wis ditrapake, pitakonan sabanjure yaiku apa ana wong sing lagi ngeksploitasi piranti lunak kasebut. Mitra EDR, SIEM, IGA/PAM, lan pemantauan ngowahi advisori anyar dadi bukti saka lingkungan aktif: telemetri, tandha pangeling, deteksi, lan alur kerja respons. GPT‑5.5 bisa mbantu analis nyambungake sinyal-sinyal kasebut, ngringkes sing penting, nyusun draf deteksi, lan luwih cepet pindhah saka pengungkapan menyang investigasi. Loop sing padha iki utamane wigati banget ing lingkungan cloud, ing ngendi paparan, remediasi, lan deteksi gegandhengan kanthi raket.
“Ing SentinelOne, nilai sejatiné AI yaiku sepira cepeté AI mbantu kita ngowahi sinyal dadi kauntungan sing bisa ditindaklanjuti kanggo para pembela. GPT-5.5 mbantu para analis nyambungake telemetri, fokus ing perkara sing penting, lan nguwatake cara organisasi nyelidiki, ndeteksi, lan nanggapi ancaman sing lagi muncul.”
Keamanan rantai pasokan piranti lunak
Langkah sabanjure yaiku nyegah kode sing wis dingerteni bermasalah supaya ora mlebu produksi wiwit awal. Sawisé kerentanan utawa kompromi paket dimangertèni, piranti rantai pasok piranti lunak bisa mbantu nyegah dependensi sing berisiko, nganyari mbebayani, lan jalur kode sing rentan sadurungé nyebar ing lingkungan pelanggan. GPT‑5.5 kanthi Trusted Access for Cyber bisa mbantu mriksa owah-owahan dependensi, nalar babagan kemungkinan dieksploitasi ing kode duweke dhewe, ngutamakake remediasi, lan nuduhake prilaku paket sing curiga luwih awal ing siklus pangembangan.
Mitra kaya ta Snyk, Gen Digital, Semgrep, lan Socket bisa mbantu nguji kepiye kemampuan kasebut ditrapake kanggo kedadeyan kaya kompromi axios, ing ngendi ndandani paling cepet yaiku nyegah dependensi sing rentan utawa dikompromi supaya ora mlebu ing build.
“Para panyerang wis nggunakake model frontier minangka gaman. Kanthi nerapake Trusted Access for Cyber saka OpenAI lan GPT-5.5, kita menehi para pelindung ing Snyk kemampuan sing dibutuhake kanggo nglindhungi ranté pasokan kritis. Kemitraan iki ora mung dadi tonggak; nanging uga kabutuhan strategis.”
Open source minangka salah sawijining cara paling cepet kerentanan bisa nyebar ing saindenging ekosistem, mula kita uga nandur modal ing upstream bebarengan karo para maintainer. Codex Security mbantu tim ngenali, ngvalidasi, lan ndandani kerentanan kanthi mbangun model ancaman khusus kanggo basis kode, njelajah jalur serangan sing realistis, ngvalidasi masalah ing lingkungan sing terisolasi, lan ngusulake patch kanggo ditinjau dening manungsa.
Liwat Codex for Open Source, pangelola kapilih saka proyek kritis bisa nampa akses kanthi syarat menyang Codex Security, bebarengan karo kredit Codex lan API kanggo nyuda beban pangopènan lan paninjauan.
Kita uga wis ngrilis plugin Codex Security sing nggawa alur kerja keamanan sing wis ana langsung menyang antarmuka Codex apa wae kayata aplikasi utawa CLI, mbantu pangembang pindhah saka pemodelan ancaman menyang panemuan temuan, validasi, analisis jalur serangan, lan perbaikan sing wis diverifikasi.
Nalika model dadi luwih mumpuni ing keamanan siber, panggunaan paling apik saka kemampuan kasebut yaiku kanggo mbantu para pembela nemokake lan ndandani kelemahan kanthi luwih cepet. Ngembangaké akses menyang kemampuan kasebut kanthi tanggung jawab mbutuhake kepastian sing luwih kuwat babagan sapa sing nggunakake model kasebut, sistem apa sing dituju, lan apa pakaryan kasebut wis sah. Nalika verifikasi identitas lan organisasi sing luwih kuwat, pambatesan cakupan panggunaan sing disetujoni, lan pemantauan panyalahgunaan saya ningkat, kita ngarepake akses bakal saya ngrembaka saka wektu ke wektu.
Entuk akses menyang Trusted Access for Cyber iku gampang:
- Pangguna individu bisa verifikasi identitasé ing chatgpt.com/cyber(mbukak ing jendhela anyar).
- Perusahaan bisa njaluk akses kapercayan kanggo timé liwat wakil OpenAI.
Kabeh pelanggan sing disetujoni liwat proses iki bakal entuk akses menyang versi model sing wis ana kanthi gesekan sing luwih sithik babagan pangayoman sing bisa micu aktivitas siber panggunaan ganda, sing ngidini dheweke terus ndhukung pendidikan keamanan, pemrograman pertahanan, lan riset kerentanan sing tanggung jawab.
Sajrone uji coba alfa, GPT‑5.5‑Cyber wis digunakake kanggo ngukur red-team otomatis sistem kritis lan validasi kerentanan kanthi tingkat keparahan dhuwur, sing bakal didokumentasikake ing panliten teknis sabanjure minangka bagean saka pengungkapan sing tanggung jawab.
Kita ngarepake bakal terus ngakselerasi para pembela nganggo maneka warna model, kalebu model unggulan kita liwat Trusted Access for Cyber, lan model cyber khusus kaya GPT‑5.5‑Cyber uga model sing luwih nduweni kapabilitas cyber ing mangsa ngarep.
