OpenAI rolls out new model for cybersecurity teams one month after Anthropic’s Mythos debut

OpenAI introduces GPT-5.5-Cyber after the uproar surrounding Anthropic Mythos
It’s a modest upgrade that focuses on permissible cybersecurity tasks like vulnerability triage and malware analysis
Access is limited to controlled teams in the Trusted Access for Cyber (TAC) program, unlike Anthropic’s more restricted Mythos Preview

OpenAI has introduced GPT-5.5-Cyber, an upgraded cybersecurity model that wants to take some of the shine off Anthropic’s Mythos Preview release.

Coming less than a month after the launch of GPT-5.4-Cyber, this is not a major upgrade by any means and users should not expect many changes, OpenAI explained.

instead, users should expect a model trained to be more forgiving when it comes to cybersecurity tasks, making it easier to use for things like vulnerability identification, triage, patch validation, and malware analysis.

Competes with Mythos

“GPT-5.5-Cyber lets a smaller set of partners study advanced workflows where specialized access behavior can matter,” OpenAI said in a blog post.

“The cyber defense ecosystem is broad, and GPT-5.5 and GPT-5.5-Cyber play different roles to meet the needs of organizations and researchers across it, depending on the task, the setting, and the safeguards around how the model is used. For most teams, GPT-5.5 with TAC is our strongest and most legitimate security model to ensure abuse.”

As with the previous version, this release will only be provided to vetted cybersecurity teams. But unlike its key competitor – Mythos, which was only given to a handful of companies, OpenAI’s model will be offered to a wider set of users, members of the Trusted Access for Cyber program (TAC).

Back when it introduced GPT-5.4-Cyber, OpenAI said it was scaling TAC to “thousands of verified individual defenders and hundreds of teams responsible for defending critical software.”

Anthropic first revealed Project Glasswing in early April 2026, saying the AI model Mythos Preview was too powerful to be given freely. Apparently, it was able to expose decades-old vulnerabilities in some of the most widely used operating systems in existence and chain them together to create working exploits.