OpenAI is widening its Daybreak cybersecurity effort with a sharper focus on the part of security work that often slows teams down: turning vulnerability reports into actual fixes. The company says its updated Codex Security plugin can now support the workflow from discovery through patch generation, while GPT-5.5-Cyber has moved out of preview and into full availability for vetted defenders.
The announcement also puts OpenAI in direct comparison with Anthropic's Mythos. OpenAI says GPT-5.5-Cyber outperforms Mythos on cybersecurity benchmarks, and frames the model as part of a broader push to help security teams not only find problems but also resolve them.
Why patching is the new focus
OpenAI and Anthropic are pointing to the same pressure point in cybersecurity: finding flaws is no longer the only bottleneck. Once a flaw is identified, teams still have to determine whether it matters, whether vulnerable code can actually be reached, what change would fix it, and whether that change creates new problems.
OpenAI's answer is to make Daybreak more action-oriented. The updated Codex Security plugin is designed to work like a security engineer alongside developers, analyzing code with a threat model, checking reachability, generating a targeted patch, and verifying the result.
This is a meaningful shift in how AI security tools are being positioned. A scanner that produces findings can still leave teams with a long review queue. A system that helps move from finding to fix has a different role: it can reduce the distance between detection and remediation, while keeping final approval in human hands.
What changed in Codex Security
The Codex Security plugin first shipped as a research preview back in March. Since then, OpenAI says it has scanned over 30 million commits across more than 30,000 codebases. The company says over 500,000 findings were automatically flagged as fixed, with human reviewers manually confirming another 70,000.
The update expands the plugin beyond basic vulnerability identification. New capabilities include deep scans of entire codebases, attack path analysis, and export into existing vulnerability management systems through SARIF files or CodeQL queries.
The plugin can also take in findings from other scanners or bug bounty reports. From there, it can triage those findings and automate patch generation in batch mode.
The workflow still includes a human checkpoint. OpenAI says humans sign off on every change, which matters because patch generation is only useful if teams can review, trust, and merge the result through their normal process.
GPT-5.5-Cyber moves out of preview
GPT-5.5-Cyber is now fully available after an earlier preview. That preview was aimed mainly at reducing unnecessary refusals in security workflows. The full version is presented by OpenAI as its most capable single model for finding and patching software flaws.
OpenAI says GPT-5.5-Cyber leads on key cybersecurity benchmarks. CyberGym measures whether an agent can reproduce known flaws in software environments. ExploitGym tests whether agents can turn vulnerabilities into working exploits. SEC-bench Pro evaluates long-term vulnerability discovery.
The model is deliberately more permissive than standard models and refuses fewer requests, according to OpenAI. That design makes access controls central to the release. GPT-5.5-Cyber is available only to verified defenders, with access tied to verification, monitoring, and guardrails.
OpenAI says most users should use GPT-5.5 with Trusted Access for Cyber and Codex Security instead. That distinction shows how the company is separating broader defensive use from access to a more capable cybersecurity-specific model.
The partner network broadens Daybreak
OpenAI is also expanding Daybreak through the Daybreak Cyber Partner Program. Security companies can integrate GPT-5.5 with Trusted Access for Cyber into their own products.
Partners include Cisco, CrowdStrike, Cloudflare, Palo Alto Networks, IBM, Fortinet, Wiz, SentinelOne, Darktrace, Palantir, Accenture, PwC, and KPMG. OpenAI says the overall program includes more than 25 security firms.
Government work is also part of the expansion. OpenAI says it has Trusted Access partnerships with Australia, Canada, France, Germany, Japan, South Korea, the EU agency ENISA, and the UK. In the US, OpenAI is working to carry out a recently issued executive order on AI security and plans to collaborate directly with critical infrastructure operators.
Open-source projects get a patching push
OpenAI also launched Patch the Planet with Trail of Bits, HackerOne, and Calif. The initiative brings the same patching tools to open-source software, where maintainers often need to validate reports, remove duplicates, and decide which fixes are ready to merge.
More than 30 open-source projects have signed on, including cURL, Go, Python, Sigstore, and pyca/cryptography. Security researchers work with maintainers to validate and deduplicate flaws and patches before anything gets merged.
OpenAI says a first five-day sprint turned up hundreds of issues and led to dozens of merged patches. That result fits the wider Daybreak message: the company is trying to move AI cybersecurity from alert generation toward reviewed, practical remediation.