OpenAI has unveiled its Codex Security plugin and announced an expansion of Daybreak, its initiative to bolster artificial intelligence (AI)-driven cybersecurity capabilities, on Tuesday. Daybreak aims to streamline the entire vulnerability management process, from discovery to patch deployment. The new Codex Security plugin goes beyond simple alerts, demonstrating an understanding of both code and threat models. It can generate threat models when none exist, identifying potential vulnerabilities. The plugin assesses code accessibility, gathers evidence for verification, and develops and validates appropriate patches. The final decision on further investigation and patch implementation remains with developers and security teams. OpenAI has also released a limited version of GPT-5.5-Cyber to vetted defense experts. This powerful model combines general intelligence with specialized abilities in software vulnerability detection and patching. In a related development, South Korea’s Ministry of Science and Information and Communications Technology (ICT) recently formalized its participation in OpenAI’s Government Trust-Based Access Program (GTAC). This collaboration, aimed at addressing AI security threats, will grant participating institutions access to cutting-edge AI models like GPT-5.5-Cyber. GPT-5.5-Cyber excels in analyzing security components and attack paths, verifying vulnerabilities in controlled environments, and developing and testing patches. It achieved an impressive 85.6% score on CyberGym, a benchmark for reproducing known vulnerabilities, surpassing its predecessor’s 81.8% score. OpenAI is also launching the Daybreak Cyber Partner Program, enabling selected security firms to integrate GPT-5.5 and Trusted Access for Cyber into their products and services. Lastly, the company introduced Patch the Planet, a program supporting open-source project maintainers in addressing vulnerabilities. Participants receive access to ChatGPT Pro, conditional use of Codex Security, and API credits for automating development tasks. Over 30 open-source projects have already expressed interest. OpenAI emphasized that their ultimate goal extends beyond identifying vulnerabilities, aiming to create safer software ecosystems with enhanced cybersecurity resilience.
