OpenAI is expanding Daybreak to shift the cybersecurity bottleneck from finding vulnerabilities to fixing them. The company is launching a full version of GPT-5.5-Cyber, a model designed to reason through attack paths and generate patches for operating systems like Linux and FreeBSD. This move addresses the overwhelming volume of findings that currently outpace human remediation capacity.

Technical improvements center on the Codex Security plugin, which integrates directly into developer workflows to automate the remediation loop. The tool analyzes threat models, determines if vulnerable code is reachable, and produces codebase-specific patches for human review. It has already scanned over 30 million commits across 30,000 codebases, automating the fix for 500,000 findings.

Performance gains are evident in the Cyber Gym benchmark, where the new model reached 85.6%, beating the standard GPT-5.5 score of 81.8%. OpenAI also partnered with Trail of Bits and Hacker One for the Patch the Planet initiative, bringing these tools to open-source projects like Python and Go. These efforts aim to distribute high-end defensive capabilities across government and enterprise networks.

Human oversight remains a requirement for investigating findings and applying changes. The system exports data via SARIF files and Code QL queries to fit into existing vulnerability management pipelines. This integration allows teams to triage bug-bounty reports and close vulnerability backlogs at machine speed.