On April 14, OpenAI announced it is scaling up Trusted Access for Cyber, known as TAC, to thousands of verified individual defenders and hundreds of teams that protect critical software. It is also introducing GPT-5.4-Cyber, a version of GPT-5.4 made to work for defensive cybersecurity work and built with fewer capability restrictions for vetted users.
OpenAI said it is preparing for more capable models over the next few months and is fine tuning systems, as they’ve put it, “specifically to enable defensive cybersecurity use cases, starting today with a variant of GPT-5.4 trained to be cyber-permissive: GPT-5.4-Cyber.” The company said it expects its method of scaling cyber defence in lockstep with model capability to guide testing and deployment of future releases.
Access to the new model will start with vetted security vendors, organisations and researchers. Customers in higher TAC tiers who authenticate themselves as cybersecurity defenders can request GPT-5.4-Cyber. OpenAI said the model “lowers the refusal boundary for legitimate cybersecurity work and enables new capabilities for advanced defensive workflows, including binary reverse engineering capabilities.”
The company also confirmed that more permissive access may come with limits, especially for Zero Data Retention uses and for developers accessing models through third party platforms where OpenAI has less visibility into the request.
What Are These Tools Actually For?
The purpose for these tools is defensive acceleration. OpenAI said AI can help those responsible for keeping systems, data and users safe find and fix problems faster across digital infrastructure. It added that AI is also being used by attackers and that safeguards cannot wait for a future threshold.
GPT-5.4-Cyber is built to assist with high end defensive tasks. One example OpenAI gave is binary reverse engineering. That allows security professionals to analyse compiled software for malware potential or vulnerabilities without access to the source code. For defenders working on critical systems or closed source products, that matters.
The announcement also builds on Codex Security, which monitors codebases, validates issues and proposes fixes. OpenAI said that since its recent launch, Codex Security has contributed to over 3,000 critical and high fixed vulnerabilities, along with many more lower severity findings across the ecosystem.
OpenAI repeated that cyber capabilities are dual use. “Cyber capabilities are inherently dual-use, so risk isn’t defined by the model alone. It also depends on the user, the trust signals around them, and the level of access they’re given.” That line explains why identity verification sits at the core of TAC.
How Does Trusted Access Work In Practice?
Individuals can verify their identity through the ChatGPT cyber page. Enterprises can request trusted access through their OpenAI representative. Higher tiers require deeper authentication for those who want access to more permissive models.
OpenAI said it does not think it is practical or appropriate to centrally decide who gets to defend themselves. Instead, it wants to use “verification, trust signals, and accountability” grounded in objective processes such as strong KYC checks.
More from Artificial Intelligence
- Experts Comment: AI Detectors Are Doing More Harm Than Good – Here Is How Education Should Actually Respond
- Why Are So Many Mega Influencers Creating AI Clones To Replace Them?
- OpenAI Puts Stargate UK Data Centre Project On Pause – But Why?
- Should Governments Have The Power To Switch Off The World’s Most Powerful AI Models?
- Taiwan’s TSMC Profits Set To Surpass 50% Thanks To AI Chip Demand
- Google And Intel Deepen AI Chip Ties, Indicating That AI Isn’t Just About GPUs Anymore
- The ICO Just Weighed In On AI Agents And Data Protection, Here Is What UK Startups Need To Know
- Sam Altman’s Robot Tax Plans: What Does It Actually Mean And Who Would It Affect?
The company said broad access to general models can coexist with more granular controls for higher risk capabilities. That means most users continue with baseline safeguards, while vetted defenders receive reduced friction around dual use cyber activity.
OpenAI added that access for GPT-5.4-Cyber will begin with a limited, iterative deployment. The company wants to learn from real world use and adjust safeguards as model capability increases.
Are There Downsides Or Risks To This?
OpenAI openly acknowledged that existing models can help find vulnerabilities and reason across codebases, and that threat actors are experimenting with AI driven methods. It wrote, “We’ve seen sophisticated harnesses elicit stronger and stronger capabilities by using more test-time compute with existing models. That means safeguards cannot wait for a single future threshold.”
A more permissive model lowers refusal boundaries. That is helpful for legitimate defenders and it also increases the stakes if verification fails, and that is why access is limited and monitored.
OpenAI also admitted that mitigations such as automated monitors can affect security professionals while policies and classifiers are calibrated. The company said it expects to evolve its mitigation strategy and Trusted Access for Cyber over time based on lessons from early participants.
How Does This Build On February’s Announcement?
So, in February, OpenAI introduced Trusted Access for Cyber as a pilot built around GPT-5.3-Codex. It said that the model is their “most cyber-capable frontier reasoning model to date.” The company wrote, “We’ve moved from models that can auto-complete a few lines in a code editor, to models that can work autonomously for hours or even days to accomplish complex tasks.”
That earlier article explained the dilemma: “It can be difficult to tell whether any particular cyber action is intended for defensive usage, or to cause harm.” Restrictions designed to prevent harm created friction for good faith work. TAC was created to reduce that friction.
OpenAI also committed $10m in API credits through its Cybersecurity Grant Program to accelerate defensive work. In the April update, it said it has reached over 1,000 open source projects with Codex for Open Source and expanded cyber specific safeguards across GPT-5.2, GPT-5.3-Codex and GPT-5.4.
Taken as a whole, OpenAI is building a gated system: general users get safeguarded models and verified defenders get more room to operate. The company is betting that identity checks and controlled access can keep powerful cyber tools in defensive hands while model capability increases.
Dan Lorenc, CEO and Co-founder of Chainguard, commented, “More of these tools in the hands of defenders is better. I’m glad both OpenAI and Anthropic are taking steps to help the industry get ahead of attackers, but unfortunately there’s no world where we can stay ahead of attackers forever. Organisations still have to figure out how to scale their efforts to remediate these new risks, and the timeline they have shrinks every day.”
