OpenAI said on May 8 it is expanding its "Trusted Access for Cyber" (TAC) program for security experts and will provide them with a "GPT-5.5 Cyber" preview.

TAC consists of three tiers: basic, advanced and research-institution level. Participants must undergo identity verification (KYC). Eligible participants include corporate security teams, bug bounty hunters, verified researchers and some government agencies. Thousands of verified defenders and hundreds of teams are currently participating in TAC.

GPT-5.5 Cyber is a limited-release model specialised for defensive tasks such as penetration testing, vulnerability detection and analysis, and malware reverse engineering. Requests such as attacks on external systems and unauthorised intrusions will continue to be restricted.

Gi-seok Ko (고기석), head of policy at OpenAI Korea, said, "While supporting verified defenders to detect, analyse and respond to threats, we will also build a responsible-use framework through trusted access and step-by-step verification."

OpenAI will also provide maintainers of major open source projects with access to "Codex Security," an AI-based vulnerability detection and patching tool. This will enable vulnerability identification, verification and fixes.