OpenAI announced on June 23 that it is expanding its cybersecurity initiative, "Daybreak," which utilizes artificial intelligence (AI) to support the entire process of addressing software vulnerabilities.
The goal of Daybreak is to go beyond merely discovering software vulnerabilities; it aims to assist in verification, risk assessment, and the development, testing, and deployment of patches using AI.
On the same day, OpenAI unveiled a security-specific tool called "Codex Security." This tool analyzes development team code and threat models to identify potential vulnerabilities, verifies the likelihood of exploitation, and supports patch development and validation. Ultimately, the decision on investigations and patch implementations rests with developers and security personnel.
A limited release of the formal version of "GPT-5.5-Cyber" was made available to verified defense experts. This model analyzes security-related components and attack paths within large codebases and validates vulnerabilities in controlled environments to assist in patch development and testing. In a cybersecurity benchmark called "CyberGym," it achieved a score of 85.6%, outperforming GPT-5.5, which scored 81.8%.
OpenAI is also launching the "Daybreak Cyber Partner Program" to help security software and service companies utilize GPT-5.5 and "Trusted Access for Cyber" in their customer products and services. The company plans to continuously enhance safeguards, monitoring systems, and exploitation prevention standards in collaboration with participating firms.
Additionally, OpenAI is initiating the "Patch the Planet" program to support the open-source ecosystem. In partnership with the security research firm Trail of Bits, OpenAI will assist security researchers in validating and patching vulnerabilities in open-source projects using advanced AI models and Codex Security. HackerOne and Calif will handle vulnerability classification, coordinated disclosures, and additional vulnerability exploration.
Currently, over 30 open-source projects have expressed interest in participating. Initial projects include the internet data transfer tool cURL, the open-source programming languages Go and Python, the software supply chain security project Sigstore, and the cryptography library pyca/cryptography. Participating projects will receive ChatGPT Pro subscriptions, conditional Codex Security access, and API credits.
OpenAI has established partnerships for Trusted Access for Cyber with Australia, Canada, France, Germany, Japan, and the European Union Agency for Cybersecurity (ENISA). Last month, it formed a partnership with the South Korean government. At that time, Jason Kwon, OpenAI's Chief Strategy Officer, emphasized the importance of collaboration with government, public institutions, and businesses to enhance collective security and public safety in South Korea. The company is also expanding cooperation with the UK government in the areas of cybersecurity and testing and evaluation.
An OpenAI representative stated, "Daybreak will connect cutting-edge AI models, security tools, open-source maintainers, security companies, and key infrastructure operators to enhance capabilities in responding to cyber threats. Ultimately, our goal is to create a safer software environment with strong cyber resilience."
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.