OpenAI Makes Its Rival to Anthropic's Mythos More Widely Available to Cyber Defenders

The cybersecurity landscape is being reshaped by generative AI models that can both discover and exploit software flaws at unprecedented speed. OpenAI’s GPT-5.5-Cyber, nicknamed "Spud," joins Anthropic’s Mythos as one of the first AI systems capable of conducting multi‑step simulated attacks. In controlled tests, GPT-5.5 completed a 32‑step corporate breach in two out of ten runs, a performance level previously unseen. This leap in capability forces security teams to rethink traditional threat‑hunting workflows, as AI can now generate proof‑of‑concept exploits and reverse‑engineer malware faster than human analysts.

OpenAI is distributing the model through its Trusted Access for Cyber program, which screens organizations responsible for safeguarding critical infrastructure. Participants receive a version of GPT-5.5 with reduced guardrails, allowing deeper code analysis, surface mapping, and automated patch reviews, while still prohibiting high‑risk actions such as credential theft or malware generation. By automating routine tasks, the model promises to free up security engineers for strategic initiatives, potentially shortening the time between vulnerability discovery and remediation. However, the selective rollout underscores the tension between openness and control, as the company balances the need for defensive innovation against the risk of accidental misuse.

Policy makers are watching closely. The White House has signaled intent to issue executive actions that could shape how advanced AI models are released, echoing concerns about a rapid arms race in cyber capabilities. Anthropic’s more restrictive access model—limited to roughly 40 organizations—contrasts with OpenAI’s tiered approach, highlighting divergent strategies for risk mitigation. As both firms iterate on safeguards, the industry will likely see tighter collaboration between AI developers, security vendors, and regulators to establish standards that protect critical infrastructure without stifling the defensive benefits of powerful AI tools.