OpenAI has announced Daybreak, a new initiative based on its frontier large language models (LLMs) and its AI-coding assistant, Codex, to help developers build secure software from the ground up.
Unveiled on May 12, OpenAI said Daybreak builds from its Trusted Access for Cyber (TAC) program, a scheme that reserves access to certain frontier models to a selective number of organizations.
The initiative already includes three of OpenAI’s latest models: the general-purpose version of GPT‑5.5; GPT‑5.5 with TAC, which offers more precise safeguards for verified defensive work in authorized environments; and GPT‑5.5‑Cyber. It also features Codex Security, a code‑review assistant based on Codex that is currently available only as a research preview.
Where the TAC program is primarily focused on vetted users tapping into LLMs to identify and fix vulnerabilities, Daybreak aims to tackle the vulnerability problem from the start of the software development lifecycle.
In a series of short videos posted on social media, OpenAI shared some of the tasks that software developers and cybersecurity defenders can perform as part of the initiative. These include:
- Scanning a codebase using Codex Security’s 10 subagents, identifying vulnerabilities, fixing them and adding regression tests
- Triaging vulnerability backlog, prioritizing vulnerabilities that should be fixed (e.g. by severity, impact or exploitability) and deploying agents to open pull requests
- Automating vulnerability detection, validation and response (e.g. looking for the latest CVEs, deploying an agent to investigate their impact on the business, searching logs for exploitation evidence)
“The goal is simple: accelerate cyber defenders and continuously secure software,” the OpenAI announcement said. “Because those same capabilities can be misused, Daybreak pairs expanded defensive capability with trust, verification, proportional safeguards and accountability.”
The company also said it will soon deploy new “cyber-capable models” in cooperation with industry and government partners.
As of May 2026, OpenAI said its TAC program includes hundreds of organizations and “thousands of individual defenders.”
These include IT and cybersecurity organizations like Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, NVIDIA, Oracle, Palo Alto Networks, Sophos and Zscaler.
The TAC also includes large enterprises, especially in finance and private equity, such as Bank of America, BBVA, BlackRock, BNY, Citibank, Goldman Sachs, JPMorgan Chase, Morgan Stanley and US Bank.
While only a handful of government-linked research organizations, like the US Center for AI Standards and Innovation (CAISI) and the UK AI Security Institute (UK AISI) are currently part of the TAC program, OpenAI confirmed in early May its intention to expand it to more government agencies.
Anthony Grieco, SVP, chief security and trust officer at Cisco, believes frontier models like GPT 5.5 are “powerful force multipliers for defenders.”
“They are fundamentally changing the velocity of our operations, enabling us to move faster on everything from incident investigation to proactive exposure reduction,” he said.
“But speed cannot be traded for trust. The true value of this technology isn’t found in the model alone, but in the enterprise-ready framework we wrap around it. A framework that helps us make more secure products. Our focus is on transforming our secure development and operations processes with these new capabilities. For us, it’s about enabling innovation that is as reliable as it is fast.”
Image credits: Thrive Studios ID / TY Lim / Shutterstock.com
