The cyber AI category just became a product category, not a research project. OpenAI shipping a productized cybersecurity model with named customers signals the market is real and large enough to support specialized model variants. Defensive teams get a credible second source. Until now, Anthropic's Mythos was the only frontier-grade cyber AI in any organized program. The arrival of GPT-5.5-Cyber gives customers a comparison and a procurement alternative. EU companies were locked out of the most

The gated cybersecurity AI market has two serious products and a handful of secondary options. The table below summarizes the competitive landscape as of mid-May 2026. ProductLabDistributionStrengthStatus GPT-5.5-CyberOpenAIVetted partners, expanding to EUCode audit, vuln research, SIEM enrichmentLimited preview, launched May 7 Claude Mythos PreviewAnthropic~4 dozen orgs via Project GlasswingZero-day discovery, vulnerability classificationResearch preview, launched April Gemini SecurityGoogleLim

OpenAI Ships GPT-5.5-Cyber to Security Teams, Now in EU

OpenAI shipped a cybersecurity-focused variant of its flagship model last week and just expanded access. GPT-5.5-Cyber rolled out on May 7 to a vetted set of partners studying advanced security workflows, and on May 11 OpenAI announced it would extend access to the European Union in a limited preview. The launch is OpenAI’s most direct response yet to Anthropic‘s Mythos Preview, which has dominated the cybersecurity AI conversation since April. The cyber-AI arms race between the two labs is now operational.

What’s actually new

GPT-5.5-Cyber is a specialized variant of OpenAI’s GPT-5.5 base model, tuned and gated for cybersecurity workflows. OpenAI has not published the full architecture details but described it as a “differently behaved” model that allows researchers to study advanced security tasks where specialized access patterns matter. The model handles workflows that the standard GPT-5 and GPT-5.5 families either refuse or handle conservatively: vulnerability research on production codebases, exploit development analysis, malware reverse engineering, defensive red-team simulation, and large-scale code audit work.

Access is tightly controlled. The initial May 7 rollout went to a small set of cybersecurity teams that OpenAI vetted directly. Reuters reported the initial cohort numbered fewer than 100 organizations. Cobalt, HackerOne, Bugcrowd, several federal contractors, and a handful of Fortune 500 security teams are in the early access pool. The May 11 EU announcement extended the same vetting process to European companies that previously could not access the model due to regional review concerns. The EU rollout is also limited preview, not general availability.

The model itself, based on the early reporting and OpenAI’s published guidance, sits between the standard GPT-5.5 and GPT-5 Reasoning tiers in capability. It is not the strongest reasoning model OpenAI ships; it is the strongest model OpenAI ships for the specific class of security workflows. The trade-off is intentional: a frontier reasoning model with full cybersecurity capability would be too dangerous to ship at scale, so OpenAI compartmentalized the cyber capability into a model with controlled distribution.

The competitive framing is unmistakable. Anthropic’s Claude Mythos Preview launched in April under Project Glasswing, which restricted distribution to roughly four dozen enterprise organizations and used the model to find vulnerabilities in major operating systems and browsers. Anthropic positioned Mythos as so capable that broad distribution would be irresponsible. OpenAI’s response is a similar gating model with a more permissive distribution standard. The two labs are now competing on who can ship the most capable cybersecurity AI under a controlled-access regime.

The EU access decision is the May 11 wrinkle. EU regulators have been clearer than US regulators about pre-deployment review requirements for frontier and high-risk AI under the EU AI Act. OpenAI’s decision to extend GPT-5.5-Cyber to vetted EU cybersecurity teams under controlled access satisfies the EU’s transparency requirements while limiting distribution. Anthropic has reportedly held back from extending Mythos to EU teams pending further regulatory clarity, which leaves OpenAI as the only frontier lab offering a vetted cybersecurity AI to European customers as of mid-May 2026.

Why it matters

The cyber AI category just became a product category, not a research project. OpenAI shipping a productized cybersecurity model with named customers signals the market is real and large enough to support specialized model variants.
Defensive teams get a credible second source. Until now, Anthropic’s Mythos was the only frontier-grade cyber AI in any organized program. The arrival of GPT-5.5-Cyber gives customers a comparison and a procurement alternative.
EU companies were locked out of the most capable cyber AI until this week. The May 11 EU rollout closes a meaningful capability gap between US and EU cybersecurity teams.
The gated-access pattern is becoming the norm. Both Anthropic and OpenAI are now shipping their most capable frontier capabilities to a small vetted cohort rather than to the general API. The pattern likely extends to other dual-use capabilities (biology, chemistry, manipulation).
Cybersecurity-specific benchmarks are about to get a lot more meaningful. Until now, public cyber-AI benchmarks have been thin. Expect the leading benchmarks (CTI-Bench, NYU CTF, CVE-Bench, the SecureBench family) to get aggressive vendor investment over the next 60 days.
The defense-versus-offense balance is the open question. A model that can find vulnerabilities can find them for defenders to patch or for attackers to exploit. The gated-access pattern is the labs’ bet that defensive use compounds faster than offensive misuse. Whether that bet is right will be visible within 12 months.

How to use it today

Practical access to GPT-5.5-Cyber is gated. If you are part of a vetted cybersecurity team, the access path is direct. If you are not, the path is to demonstrate the cybersecurity use case and apply through OpenAI’s enterprise team. The model is not available through the standard developer API and will not be for the foreseeable future.

Determine whether your organization qualifies. The model is gated to organizations with a documented cybersecurity research, defensive operations, or regulated security testing mission. Internal red teams at large enterprises, established bug-bounty platforms, federal cybersecurity contractors, and academic security labs all qualify in principle.
Submit an access request through your existing OpenAI enterprise account. The request requires a use-case description, an internal security review attestation, and a named program lead.
Expect a 2 to 6 week review. OpenAI’s vetting process includes reference checks, prior security work review, and clear use-case approval. The process is similar to what Anthropic runs for Mythos under Project Glasswing.
Plan integration with your existing security stack. The model is designed to slot alongside your existing security tooling. Common integration targets: SIEM enrichment (the model contextualizes alerts), bug-bounty triage (the model evaluates submission quality), code review (the model audits internal codebases for security issues), threat-hunting (the model parses unstructured indicators).
Document use carefully. The terms of use require detailed logging of how the model is invoked and what outputs are produced. The audit trail protects you if questions come up later and protects OpenAI’s broader gated-access program.

For teams approved to use the model, the API is OpenAI-style chat completions with the model name set to gpt-5.5-cyber and an additional access token specific to the cyber program. The minimum viable integration looks like this.

from openai import OpenAI
import os

client = OpenAI(
    api_key=os.environ["OPENAI_CYBER_API_KEY"],
    default_headers={"OpenAI-Beta": "cyber-access-2026-05"},
)

response = client.chat.completions.create(
    model="gpt-5.5-cyber",
    messages=[
        {"role": "system", "content": (
            "You are a defensive security analyst. Analyze the provided code "
            "for memory safety vulnerabilities. Output a structured finding "
            "list with CWE classification, severity, and proposed remediation."
        )},
        {"role": "user", "content": open("target_module.c").read()},
    ],
    max_tokens=4000,
)
print(response.choices[0].message.content)

The standard practice for teams using the model is to keep the prompt deterministic, log every call to the security operations record system, and run periodic eval against a curated benchmark of known vulnerability patterns to monitor model drift.

How it compares

The gated cybersecurity AI market has two serious products and a handful of secondary options. The table below summarizes the competitive landscape as of mid-May 2026.

Product	Lab	Distribution	Strength	Status
GPT-5.5-Cyber	OpenAI	Vetted partners, expanding to EU	Code audit, vuln research, SIEM enrichment	Limited preview, launched May 7
Claude Mythos Preview	Anthropic	~4 dozen orgs via Project Glasswing	Zero-day discovery, vulnerability classification	Research preview, launched April
Gemini Security	Google	Limited via Google Cloud Security AI	Threat intel, malware analysis	Generally available, less aggressive on offensive analysis
Llama Guard / Purple Llama	Meta	Open weights	Content safety classification, not vuln discovery	Open source, different category
Microsoft Security Copilot	Microsoft	Microsoft 365 E5 + Security add-on	SOC operations, alert triage	Generally available, productized for operations
SentinelOne Purple AI	SentinelOne	Commercial, customer add-on	EDR-tied threat hunting	Generally available

The competitive read: OpenAI and Anthropic are competing on frontier capability for cybersecurity AI with controlled access. Google sits a tier below in raw capability but has broader enterprise reach via Google Cloud. Microsoft’s Security Copilot is a productized SOC tool, not a frontier research tool. The specialty vendors (SentinelOne, CrowdStrike’s Charlotte AI, Palo Alto’s Cortex Copilot) are building on top of the frontier models rather than competing with them.

What’s next

Three threads to watch over the next sixty days. First, the EU rollout will be the test of whether the gated-access model satisfies European regulators. If the EU accepts OpenAI’s model and Anthropic follows with EU access for Mythos, the gated-access pattern becomes the de facto standard for cybersecurity AI globally. Second, expect product announcements from Microsoft, Google, and the major security vendors that integrate GPT-5.5-Cyber or Mythos under enterprise licenses. The frontier models will increasingly be wrapped in productized SOC and red-team experiences from the platform vendors. Third, watch for the first major public security finding attributed to either model. Anthropic has already announced Mythos found vulnerabilities in major operating systems; OpenAI has not yet disclosed specific GPT-5.5-Cyber findings, but disclosure is likely within months.

The longer arc is that cybersecurity is becoming the first vertical where frontier AI ships as a controlled-access product rather than a general API. The pattern will likely extend to other dual-use capabilities over the next year or two. Cyber is the leading edge; biology and chemistry are next.

Frequently Asked Questions

Can individual developers access GPT-5.5-Cyber?

No. The model is gated to vetted organizations with documented cybersecurity research or defensive operations missions. Individual developers cannot get access through the standard developer API. Researchers affiliated with qualifying organizations can typically use the model through their organization’s enterprise account.

Is GPT-5.5-Cyber more capable than GPT-5 Reasoning?

Not in a general sense. GPT-5.5-Cyber is tuned for cybersecurity workflows and behaves differently on security-relevant prompts than the standard reasoning models. For general reasoning, math, writing, or coding tasks, GPT-5 Reasoning remains the more capable model.

Does the model help with offensive security work?

Yes, within authorized contexts. The model handles vulnerability research, exploit analysis, malware reverse engineering, and red-team simulation work that the standard GPT-5 family handles conservatively or refuses. The access is gated specifically to ensure these capabilities are used for authorized defensive or research purposes.

How does this compare to Anthropic’s Mythos?

Both are frontier-grade cybersecurity AI models distributed under controlled access. Mythos has been more publicly oriented around large-scale vulnerability discovery in major software (operating systems, browsers, open-source libraries). GPT-5.5-Cyber appears more oriented toward integration into enterprise security workflows (SOC operations, code audit, threat hunting). Customers will likely run both for different use cases.

What is the EU access timeline?

OpenAI’s May 11 announcement said EU access is a limited preview without a specific timeline for broader availability. EU companies that qualify under the vetting standard can apply now; the access process matches the US rollout. General availability for EU enterprises is not on a published roadmap.

Will the model be available through Microsoft’s Azure OpenAI Service?

OpenAI has not committed to Azure availability for GPT-5.5-Cyber. The model’s gated-access requirements make Azure integration complex because Azure customers are not individually vetted by OpenAI. The most likely path for Azure customers is through Microsoft Security Copilot, which may incorporate aspects of GPT-5.5-Cyber under Microsoft’s own licensing.