OpenAI releases GPT-5.4-Cyber, beefed-up Trusted Access for Cyber program

OpenAI released GPT-5.4-Cyber, a model that will be released to select participants in a beefed-up Trusted Access for Cyber (TAC) program. OpenAI's move comes a week after Anthropic released Claude Mythos to the cybersecurity industry.

Although you could say OpenAI’s TAC move is merely about Anthropic envy and its program, what's emerging is a more secure release cadence for models that can do damage in the wrong hands.

In a blog post, OpenAI said TAC is scaling up because it is preparing for more capable models and needs to release fine-tuned efforts for cybersecurity. OpenAI said:

"As model capabilities increase, defenses need to scale alongside them. We’ve seen steady improvements in agentic coding, which have direct implications for cybersecurity and we’ve adapted our approach in step."

OpenAI also took a few jabs at Anthropic's approach with Project Glasswing, which chose ecosystem partners including Microsoft, CrowdStrike and Palo Alto Networks to name a few. "To enable responsible use at scale, we need systems that can validate trustworthy users and use cases in more automated and more objective ways. This allows us to expand access based on evidence and real signals of trust, rather than relying on manual decisions. We don’t think it’s practical or appropriate to centrally decide who gets to defend themselves. Instead, we aim to enable as many legitimate defenders as possible, with access grounded in verification, trust signals, and accountability," said OpenAI.

Under OpenAI's approach, users can authenticate themselves with the company as cybersecurity defenders. Those customers will get GPT-5.4-Cyber, which has fewer restrictions so security pros can analyze potential vulnerabilities. The catch with OpenAI’s program is that the company will need to ensure its authentication and TAC access processes keep out the bad guys.