OpenAI opens access to GPT-5.4-Cyber and allocates $10 million for cyber defense

OpenAI has announced the launch of the Trusted Access for Cyber program — a closed initiative that gives leading cybersecurity companies and large enterprises privileged access to a new specialized model, GPT-5.4-Cyber. In parallel, the company is allocating $10 million in API grants to help program participants develop and scale cybersecurity tools faster.

The move makes sense — and was overdue. Over the past two years, cyber threats have become increasingly sophisticated: attackers are using language models to generate phishing emails, write malicious code, and automate attacks. A counter-move from defenders required specialized tools, not universal assistants.

GPT-5.4-Cyber is an attempt to close this gap. OpenAI is not yet revealing specific details about the model's capabilities, but from context it's clear: GPT-5.

4-Cyber is optimized for tasks characteristic of cybersecurity — analyzing malicious software, detecting anomalies in network traffic, incident response, threat modeling, and automating routine SOC team tasks. Access to the model through a closed program, rather than through a public API, signals that OpenAI intends to control who uses these capabilities and how — to prevent their use for destructive purposes. The $10 million grant fund consists of API credits, not direct monetary investments.

Nevertheless, for cybersecurity startups this is substantial support: inference of powerful models is expensive, and API costs often become a barrier when prototyping AI-based products. Grants will be available to both Trusted Access for Cyber program participants and a broader circle of ecosystem players. Critics of the program will likely ask a reasonable question: isn't OpenAI itself part of the problem?

GPT technologies have already been used — and, according to the company itself, continue to be used — to create attack tools. OpenAI has repeatedly published reports blocking attackers exploiting public models. The Trusted Access for Cyber program is, in part, a signal: the company understands that neutrality is impossible here, and it is choosing the side of defense.

Participation in the program is open to companies that have passed a review. Among the first partners are major names in the security market and enterprises with developed SecOps infrastructure. Specific names have not yet been publicly disclosed, but the very fact of large players' participation suggests: the market views the initiative seriously.

AI is becoming a standard tool in the arsenal of both attackers and defenders. Companies working in cybersecurity have long integrated machine learning — but LLM capabilities are fundamentally different: the ability to explain vulnerabilities in natural language, generate detection rules, analyze millions of lines of logs in seconds, and automatically prioritize incidents. For competitors — Microsoft Security Copilot, Google Chronicle AI, and niche players like Recorded Future and Darktrace — the announcement signals: the stakes in the race for enterprise cybersecurity clients have risen significantly.