OpenAI is building a cyber defense tool. It won't say who qualifies to use it.
On Tuesday, OpenAI briefed roughly 50 federal cybersecurity practitioners in Washington on GPT-5.4-Cyber, its most permissive cyber defense model yet. The U.S. agencies in the room cannot use it. Five Eyes partners start receiving briefings this week, according to Reuters.
What makes the model unusually powerful is also what makes it unusually sensitive: GPT-5.4-Cyber has lower refusal boundaries than the base model, meaning it is more willing to attempt tasks — like analyzing suspicious compiled code or reverse engineering software for vulnerabilities — that most AI systems decline on safety grounds. It also has what OpenAI calls binary reverse engineering capabilities, which let security researchers inspect compiled software for malware, flaws, and weaknesses without needing the original source code. The company has not published the criteria it uses to decide who gets access to those capabilities. The Trusted Access Program that governs admission has no public application process, no published eligibility requirements, and no appeal process for those who are denied.
The result is a gatekeeper with no disclosed rules. OpenAI describes the program as expanding to thousands of verified individual defenders and hundreds of teams, according to its blog post, but prospective applicants have no way to assess their own eligibility. Those who are approved sign non-disclosure agreements. Those who are turned away get no explanation. OpenAI has become, by design, the arbiter of which security professionals get access to which cyber defense tools — with no external oversight and no transparent standards.
GPT-5.4-Cyber launched April 14, one week after Anthropic released Mythos, a comparable frontier model with its own cybersecurity implications. European regulators have taken notice. The European Central Bank and Bank of England are examining risks from both systems, and German financial supervisors are in contact with banks assessing exposure, Reuters reported. That two frontier models, launched within days of each other, are both drawing regulatory attention at the same time reflects how quickly advanced AI is outpacing the governance frameworks meant to contain it.
OpenAI frames the Trusted Access Program as a responsible middle ground: powerful capabilities for vetted security researchers, not for adversaries. That logic is coherent. But a gatekeeper with undisclosed rules is not a governance structure. It is a list.