OpenAI announced an expansion of its cybersecurity initiative, Daybreak, including updates to its Codex Security plugin, a new model called GPT-5.5-Cyber, a partner program for security firms, and an open-source vulnerability patching initiative called Patch the Planet.

The updated Codex Security plugin allows developers to run deep code scans, generate vulnerability reports, trace attack paths, build threat models, and produce patches for review. Since its research preview launch in March, the tool has scanned more than 30 million commits across more than 30,000 codebases, with over 500,000 findings automatically determined to be fixed.

GPT-5.5-Cyber, described by OpenAI as its most capable model for cybersecurity work, scored 85.6% on CyberGym, a benchmark that tests whether an AI agent can reproduce known vulnerabilities in software environments, compared to 81.8% for GPT-5.5. The model also scored 39.5% on ExploitGym and 69.8% on SEC-bench Pro, versus 25.95% and 63.1% respectively for GPT-5.5. Access to GPT-5.5-Cyber remains limited to verified defenders.

The Daybreak Cyber Partner Program will allow security companies to integrate GPT-5.5 with Trusted Access for Cyber into their own products. Initial partners include Accenture, Cisco, CrowdStrike, IBM, Palo Alto Networks, and others.

Patch the Planet, founded with Trail of Bits and developed in collaboration with HackerOne and Calif, funds security researchers to work directly with open-source software maintainers on vulnerability remediation. More than 30 open-source projects have committed to participate, including cURL, Go, Python, Sigstore, and pyca/cryptography. An initial five-day sprint produced hundreds of flagged issues and dozens of merged patches.

OpenAI also stated it has established Trusted Access for Cyber partnerships with government bodies in Australia, Canada, France, Germany, Japan, South Korea, and EU institutions including ENISA, according to a company statement.