- Codex Security can identify, validate, and generate patches for software vulnerabilities.
- GPT-5.5-Cyber reached 85.6% on CyberGym, above GPT-5.5’s 81.8%, as more than 30 open-source projects have joined the Patch the Planet initiative.
- OpenAI is limiting its most advanced cyber model to verified defenders.
OpenAI is expanding its Daybreak cybersecurity program with new tools designed to help developers and security teams move from finding software vulnerabilities to validating and patching them.
The expansion includes an updated Codex Security plugin, the full version of GPT-5.5-Cyber, a partner program for security companies, and Patch the Planet, an initiative supporting widely used open-source projects.
OpenAI said advances in frontier models have accelerated vulnerability discovery across large codebases. That progress has also created a new problem, as maintainers and security teams now face more findings than they can quickly review and repair.
Codex Security Moves From Alerts to Fixes
The updated Codex Security plugin works directly inside Codex and can scan an entire repository, selected folders, recent changes, or individual commits.
Rather than producing alerts alone, the tool can build a threat model, trace possible attack paths, check whether vulnerable code is reachable, gather validation evidence, and prepare a targeted patch for human review.
Developers can also use it to examine findings imported from scanners, bug bounty reports, advisories, and ticketing systems. Results can be exported into existing security platforms through formats such as SARIF and CodeQL queries.
Since entering research preview in March, Codex Security has scanned more than 30 million commits across over 30,000 repositories. Human reviewers marked more than 70,000 findings as fixed, while the system automatically identified over 500,000 resolved findings.
Related: Bitget Launches VIP Miracle Badge Program for Multi-Asset Traders
GPT-5.5-Cyber Reaches Trusted Defenders
OpenAI is also releasing the full version of GPT-5.5-Cyber through a limited-access program for verified defenders conducting authorized security work.
The model reached 85.6% on CyberGym, compared with 81.8% for the standard GPT-5.5 model. It also scored 39.5% on ExploitGym, against 25.95% for GPT-5.5, and recorded 69.8% on SEC-bench Pro.
GPT-5.5-Cyber is intended for complex workflows such as vulnerability validation, controlled exploit testing, code-path analysis, and patch development. Access includes additional verification, monitoring, and account-level controls.
For most defensive work, OpenAI said GPT-5.5 with Trusted Access for Cyber and Codex Security remains the primary option.
Related: ChatGPT, Grok, Claude, and Gemini Predict Scenarios of XRP Breakout Ahead of May 14 CLARITY Act Vote
Patch the Planet Supports Open-Source Projects
Meanwhile, OpenAI has launched Patch the Planet with Trail of Bits, HackerOne, Calif. researchers, and software maintainers.
More than 30 open-source projects have committed to participating. Initial names include cURL, Go, Python, Sigstore, and pyca/cryptography.
Researchers will work with maintainers to validate findings, remove duplicates, test patches, and follow each project’s existing disclosure process. Participating teams will also receive access to security tools, API credits, and development support.
OpenAI is additionally launching the Daybreak Cyber Partner Program, allowing approved security companies to integrate its defensive models into products and services while maintaining access controls and human oversight.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
