OpenAI’s GPT-5.4-Cyber and Trusted Access

OpenAI has released GPT-5.4-Cyber, a variant of its flagship model that has been fine‑tuned for defensive cybersecurity work. The model is being deployed with additional protections and a cyber safety stack, and it has been trained to be more permissive for legitimate security tasks while still using monitoring systems. Although the model can perform advanced analysis such as binary reverse engineering of compiled software, safeguards are in place to reduce misuse. The model is intended to reduce the time teams spend on triage by surfacing higher‑confidence findings and fixes.

Access to GPT-5.4-Cyber is limited to verified security vendors, researchers, and teams through the company’s Trusted Access for Cyber program. OpenAI has expanded the program and is onboarding thousands of individual defenders and hundreds of teams, and the rollout began on April 14, 2026. The program uses identity checks and multiple verification tiers so that different levels of access can be granted to individuals and teams. Some competitors have given preview access to far fewer organizations. Since cybersecurity tools can be dual‑use, OpenAI treats these models under a preparedness framework and applies access controls and blocking for higher‑risk requests.