OpenAI opens GPT-5.4-Cyber to Trusted Access for Cyber tiers

• OpenAI said it is expanding Trusted Access for Cyber from a February pilot into a tiered program that now targets thousands of verified individual defenders and hundreds of security teams.
• According to OpenAI security lead Théo Sottiaux's post and the Official announcement, the new top tiers can request GPT-5.4-Cyber, a defensively tuned GPT-5.4 variant with fewer restrictions on sensitive cyber tasks.
• The Official announcement says GPT-5.4-Cyber lowers refusal boundaries for legitimate work and explicitly adds binary reverse engineering, so defenders can inspect compiled software without source access.
• OpenAI also tied the rollout to a broader cyber program: the Official announcement says GPT-5.4 was classified as “high” cyber capability under its Preparedness Framework, while one early summary thread highlighted OpenAI's claim that Codex Security has already helped fix more than 3,000 critical and high vulnerabilities.
• Simon Willison's write-up notes the catch: self-serve identity verification exists, but access to the most permissive models still runs through extra authentication and application layers rather than a normal public API toggle.

You can read the full OpenAI post, jump straight to the Trusted Access landing flow it references, and skim Simon Willison's summary for the practical translation: OpenAI is moving advanced cyber help into identity-gated lanes, not shipping a generally available security model. TestingCatalog grabbed the launch header, and Wes Roth posted the body text showing OpenAI framing this as preparation for “increasingly more capable models” coming in the next few months.

The biggest product change is structural, not model naming. OpenAI's February Trusted Access for Cyber program already offered reduced-friction handling for cyber prompts after identity verification, but the April update adds extra tiers for users who will authenticate more deeply as defenders.

The Official announcement breaks the access paths into three buckets:

• Individual users can verify identity through chatgpt.com/cyber.
• Enterprises can request team access through their OpenAI representative.
• Existing TAC users can apply for additional tiers, including GPT-5.4-Cyber access.

OpenAI says the program is meant to scale to thousands of individuals and hundreds of teams, with access decisions tied to KYC, identity verification, and other trust signals rather than a flat allow-or-block policy. A follow-up post from OpenAI frames that as “democratized access,” but the operational detail is still gated authentication, not open rollout.

GPT-5.4-Cyber is not presented as a new foundation model. OpenAI describes it in the Official announcement as a version of GPT-5.4 that was fine-tuned to be “cyber-permissive,” with a lower refusal boundary for legitimate security work.

The concrete capability OpenAI chose to name is binary reverse engineering. The post says the model can help analyze compiled software for malware potential, vulnerabilities, and security robustness without source code, which is a more specific claim than the usual “security research” phrasing in model launch copy.

That lower refusal boundary is the whole point of the release. TestingCatalog's screenshot quotes OpenAI describing the model as having “fewer capability restrictions,” while Simon Willison's write-up reads the broader move as OpenAI's answer to Anthropic's recently announced Mythos program.

The launch doubles as a status update on OpenAI's cyber safety stack. The Official announcement says cyber-specific safety training started with GPT-5.2, expanded in GPT-5.3-Codex and GPT-5.4, and that GPT-5.4 was classified as “high” cyber capability under OpenAI's Preparedness Framework.

OpenAI also used the post to publish one of its clearest Codex Security metrics so far. According to the Official announcement, Codex Security has contributed to more than 3,000 critical and high vulnerability fixes since its recent launch, on top of additional lower-severity findings across the ecosystem.

That matters mostly because it shows where OpenAI thinks cyber assistance should live. The same post pitches agentic coding and security scanning inside developer workflows, shifting from occasional audits to continuous issue finding and patch proposals.

The most revealing line in the official post is about where OpenAI will not relax controls. It says access to permissive cyber models may come with limitations around zero-data-retention use cases and may be tighter on third-party platforms where OpenAI has less visibility into the user, environment, or purpose of a request.

That gives the rollout a different shape from a standard API launch. OpenAI is offering more permissive behavior in exchange for more identity, more accountability, and in some cases more direct platform visibility. Simon Willison's write-up points out that even after self-serve verification, the best security access still appears to require an additional form-based process.

The company also telegraphed that this is a staging ground for later releases. In the Official announcement, OpenAI says today's safeguards are enough for broad deployment of current models, but that explicitly cyber-permissive models require more restrictive deployment and stronger controls as future model capability rises.