Summary
- OpenAI has launched GPT-5.5-Cyber, a model aimed at accelerating the detection and resolution of software vulnerabilities.
- This new model outshines Anthropic's Mythos on significant benchmarks, while the latter faces a ban from the U.S. government due to national security issues.
- GPT-5.5 is being made available to trusted cybersecurity professionals under controlled conditions, contrasting with Anthropic's more restrictive measures.
OpenAI's latest cybersecurity model has outperformed the Anthropic Mythos AI, which has been taken offline by the U.S. government, while GPT-5.5 remains operational.
On June 22, OpenAI announced the official release of GPT-5.5-Cyber as part of its Daybreak cyber defense initiative. In tests conducted on CyberGym—a benchmark created at UC Berkeley featuring 1,507 known software vulnerabilities from 188 open-source projects—the new model achieved a score of 85.6%.
In comparison, Anthropic's Mythos 5 scored 83.8% on the same test, while its more widely accessible model, Claude Opus 4.7, scored 73.1%.
While a margin of less than two points on a benchmark may seem trivial, the surrounding circumstances are significant. On June 12, Anthropic's Mythos 5 and Fable 5 were taken offline following an emergency export control order from the Trump administration that cited national security risks.
The directive was prompted by concerns over a jailbreak—a method used to circumvent an AI's inbuilt safety features, akin to discovering a master key for a secure door. Anthropic was unable to effectively verify user nationality at scale, leading to the decision to disable both models universally.
Some of the challenges were self-imposed. Anthropic had spent considerable time promoting Mythos as one of the most powerful—and potentially hazardous—AI models, cautioning in its launch materials that its cybersecurity capabilities could lead to severe consequences without appropriate restrictions. CEO Dario Amodei authored an essay on June 10, likening advanced AI models to aircraft that safety regulators should be able to ground if they fail inspections.
Just days later, the government effectively grounded Anthropic's models.
That week brought additional scrutiny. Anthropic had faced backlash for implementing a concealed filter in Fable 5 that diminished the model's outputs for users suspected of developing competing AI, without informing them, resulting in an apology and policy reversal.
A Distinct Strategy
As Anthropic navigates negotiations with the Commerce Department and continues its lawsuit against the Trump administration, OpenAI is broadening its influence. Daybreak has established cybersecurity collaborations with nations including Australia, Canada, France, Germany, Japan, South Korea, and EU entities like the European Union Agency for Cybersecurity.
A total of 28 security companies, including CrowdStrike, Cisco, and Cloudflare, have joined OpenAI's Cyber Partner Program to incorporate GPT-5.5 into their offerings for approved customers. According to OpenAI's blog, its Codex Security tool has scanned over 30 million commits across 30,000 code repositories, identifying more than 500,000 vulnerabilities since its launch in March.
The organization is also enhancing a partner program to allow security firms to embed these functionalities into their own tools, alongside launching “Patch the Planet,” an initiative aimed at addressing vulnerabilities in popular open-source projects.
However, GPT-5.5-Cyber is not available for general use; it is restricted to verified security professionals. OpenAI conducted pre-launch tests with federal agencies, including the Center for AI Standards and Innovation and the Office of the National Cyber Director, prior to its release. This approach mirrors the restricted access that Anthropic sought with Mythos, but OpenAI ensured its strategy was approved by the government beforehand.
As of June 23, Fable 5 and Mythos 5 remain offline, eleven days into a suspension without an official timeline for restoration from either Anthropic or the Commerce Department.