On June 22, 2026, OpenAI announced a significant expansion of its Daybreak program — its initiative focused on the defensive side of AI in cybersecurity. The update covers three components: the full release of GPT-5.5-Cyber with a more permissive policy for advanced security queries, an updated Codex Security plugin for automated patch generation and verification, and Patch the Planet — a collaboration with the open-source ecosystem to move beyond finding vulnerabilities toward fixing them at scale.
Key takeaways
- GPT-5.5-Cyber scores 85.6% on the CyberGym benchmark versus 81.8% for standard GPT-5.5
- Codex Security has scanned over 30,000 repositories and 30 million commits to date; 500,000 vulnerabilities have been automatically marked as fixed
- Patch the Planet: more than 30 open-source projects have joined, including cURL, Go, Python, Sigstore, and pyca/cryptography
- The Daybreak Cyber Partner program includes over 25 security firms — among them CrowdStrike, Cisco, Palo Alto Networks, Cloudflare, and Wiz
- OpenAI has established Trusted Access for Cyber partnerships with Australia, Canada, France, Germany, Japan, South Korea, and EU institutions including ENISA
GPT-5.5-Cyber: higher capability, fewer refusals
GPT-5.5-Cyber is a specialized variant of GPT-5.5 with a policy permitting queries about advanced security techniques — including exploit analysis and proof-of-concept generation — that the standard model declines. OpenAI restricts access to verified defenders through its Trusted Access for Cyber program: security researchers, enterprises, and governments.
The performance numbers are concrete. On CyberGym — which measures whether an agent can reproduce known vulnerabilities in controlled environments — GPT-5.5-Cyber scores 85.6%, outperforming the base GPT-5.5 by 3.8 percentage points. The gap widens on ExploitGym, which tests the ability to turn known vulnerabilities into working exploits: 39.5% versus 25.95%. On SEC-bench Pro, which evaluates long-horizon vulnerability discovery and proof-of-concept generation across complex software targets, the model reaches 69.8% versus 63.1% for the base model.
Codex Security: from alerts to fixed commits
The Codex Security plugin is the operational core of the strategy. Rather than delivering vulnerability reports, it integrates directly into a codebase — understands the threat model (or generates one if it doesn't exist), identifies vulnerabilities, traces attack paths, validates findings in a controlled environment, and then generates and tests a patch. The result reaches the developer as a ready diff for review and acceptance.
Six months of cloud preview translate into real-world figures: 30,000 scanned repositories, over 30 million commits, more than 70,000 vulnerabilities manually marked as fixed by reviewers, and 500,000 findings automatically verified as fixed. OpenAI argues that this is the scale at which patching must now happen — and that legacy security tooling wasn't designed for this volume.
Patch the Planet: open source at the center of defense
Patch the Planet is a collaboration program with open-source maintainers, co-founded with Trail of Bits and supported by HackerOne. The structure is deliberate: OpenAI funds security experts who manage the full end-to-end process — from validating and deduplicating vulnerabilities to preparing patches — which significantly reduces the burden on maintainers.
Research from the Linux Foundation and Harvard shows that 94% of widely used open-source projects have fewer than ten developers responsible for more than 90% of the code added per year. That asymmetry is exactly what Patch the Planet is designed to address. A five-day initial sprint across multiple projects surfaced hundreds of issues, merged dozens of patches, and built reusable fuzzing, variant analysis, and differential testing toolchains. Participating projects receive ChatGPT Pro access, conditional Codex Security access, and API credits.
Why this matters
AI in cybersecurity has so far focused primarily on accelerating vulnerability discovery. OpenAI is shifting the axis: the bottleneck is no longer finding vulnerabilities, because AI can now do that at industrial scale. The bottleneck is fixing them — fast enough that attackers don't have a window between disclosure and patch availability.
Daybreak is the answer to that shift. Codex Security turns a vulnerability report into a ready patch. Patch the Planet extends that mechanism to open source, where maintainer resources are thinnest. GPT-5.5-Cyber gives defenders access to capabilities that were previously available only to advanced attackers.
Strategically, the program is also a signal to governments and regulators: OpenAI is building a trust infrastructure for highly capable cyber models before they become an industry standard. Partnerships with ONCD, CAISI, and seven national governments through Trusted Access for Cyber are the foundation that is meant to legitimize further capability expansion without removing oversight.
What's next
- OpenAI has announced plans to expand the Daybreak Cyber Partner program to additional security firms in the coming months
- GPT-5.5-Cyber is available exclusively through the limited Trusted Access program — OpenAI has not announced a timeline for broader availability
- Patch the Planet is currently running with a selected group of open-source projects — expansion will depend on results from initial sprints and expert capacity
