The company is significantly expanding its Trusted Access for Cyber (TAC) program, now opening tiers for thousands of defenders and hundreds of teams. This scaling effort prepares for increasingly capable models, starting with the release of GPT‑5.4‑Cyber. This specialized variant has been fine-tuned for defensive cybersecurity use cases, lowering refusal boundaries for legitimate security work.

This strategic move addresses the dual-use nature of advanced AI, where threat actors are already experimenting with novel approaches to cause harm. The organization has been building safeguards since 2023, evidenced by its Cybersecurity Grant Program and the launch of Codex Security earlier this year, which helps fix vulnerabilities at scale.

Access is governed by objective criteria, including strong KYC and identity verification, adhering to the principle of democratized access for legitimate actors. A key technical capability introduced in the highest tiers is support for binary reverse engineering, allowing security professionals to analyze compiled software for malware without source code.

Scaling defenses in lockstep with capability improvement forms the core strategy, ensuring that defensive tools keep pace with advancing model power. This iterative deployment aims to integrate security feedback directly into developer workflows, shifting risk reduction from episodic audits to continuous practice, exemplified by the 3,000 critical vulnerabilities fixed using their tools.