OpenAI has begun rolling out GPT-5.5-Cyber, a frontier model tuned for cybersecurity work, to vetted security teams defending critical infrastructure. The announcement, which CEO Sam Altman teased on X in late April when he said the company wants to "rapidly help secure companies and infrastructure," comes a month after Anthropic shook the industry with Claude Mythos Preview, a model that discovered thousands of zero-day vulnerabilities across every major operating system and web browser before its creators decided it was too dangerous to release broadly.
The two labs are taking different paths to the same destination. Anthropic has restricted Mythos to roughly 50 organizations under Project Glasswing, committing up to $100 million in usage credits but keeping the model under tight control. OpenAI, by contrast, is pushing GPT-5.5-Cyber to a wider audience through its Trusted Access for Cyber program, which it launched in February 2026 alongside a $10 million grant fund for security organizations.
Two Philosophies, One Problem
The disagreement is philosophical but the stakes are operational. Anthropic's position is that Mythos-class capabilities require controlled deployment because the same model that finds bugs can also exploit them. Engineers with no formal security training, according to Anthropic's red team, could generate working exploits overnight by simply prompting the model. The company has said these capabilities were not explicitly trained but emerged as a byproduct of improvements in reasoning and agentic coding.
OpenAI's argument runs the other direction. Restricting powerful defensive tools to a handful of tech giants leaves hospitals, municipal governments, and small security firms without access to the same caliber of protection. GPT-5.5-Cyber is designed for workflows like vulnerability triage, patch validation, and malware analysis. Safeguards still block requests for credential theft or malware deployment, but the refusal boundary is lower for verified defenders.
The UK AI Safety Institute has tested both models. In its evaluations, Claude Mythos Preview completed a 32-step simulated corporate network attack in 3 out of 10 test runs. GPT-5.5 managed the same task in 2 out of 10. Before Mythos, no AI model had ever completed that test at all.
Insurance Catches Up
As frontier models accelerate the pace of vulnerability discovery, a parallel market is emerging to absorb the risk when AI goes wrong. Corgi, a Y Combinator-backed insurance carrier, launched AI Insurance Coverage this week to protect businesses from the downstream consequences of model failures. The product covers hallucinations, algorithmic bias, training data disputes, and autonomous agent failures.
Traditional insurers have begun excluding AI-related risks altogether, creating a coverage gap that Corgi is moving to fill. The company just raised $160 million at a $1.3 billion valuation. Its modular approach lets customers select only the coverage relevant to their risk profile. As CEO Nico Laqua put it, "We built this product for the reality companies are already in, where AI is making decisions, taking actions, and sometimes making mistakes."
The timing is not accidental. A database tracking AI-generated legal filings now logs nearly 1,400 court cases involving hallucinated content. Sanctions for fake citations are escalating. According to an EY survey cited by Stanford's Trustworthy AI Research Lab, 64 percent of companies with annual turnover above $1 billion have lost more than $1 million to AI failures.
The Dual-Use Dilemma
The fundamental tension in cybersecurity AI is that capability cuts both ways. A model skilled at reverse engineering binaries for defense can, in the wrong hands, find exploitable flaws for offense. OpenAI's layered safety stack pairs live restrictions with threat-intel-driven investigation, but the company acknowledges that as capabilities increase, so must safeguards.
Anthropic estimates that similar capabilities will proliferate from other labs within six to eighteen months. Open-weight models are already appearing in uncensored variants days after release. The window for defenders to prepare is narrowing.
OpenAI is betting that broad access, paired with verification, will shift the balance toward defense. Anthropic is betting that caution buys time to harden critical infrastructure before the capability leaks. Both may be right, and both may be too late. The intelligence supply chain is accelerating. Whether insurance, access controls, or raw defensive capability keeps pace is the question that will define the next phase of AI security.
