How OpenAI’s Daybreak Solves Cyber Patching Bottleneck

Sam Altman, CEO of OpenAI. Credit: Getty Images
OpenAI is expanding its Daybreak programme to tackle the cybersecurity crisis by accelerating remediation at machine speed

While frontier AI models rapidly accelerate vulnerability discovery across the digital landscape, the primary bottleneck shifts from finding flaws to managing the overwhelming volume of uncovered security issues. 

Real risk reduction only comes from validating issues, understanding impact, testing patches and coordinating deployment. 

To address this challenge, OpenAI has expanded its Daybreak cybersecurity programme, including new tools, ecosystem partnerships and the full version of the GPT-5.5-Cyber model. 

This initiative is aimed at helping approved defenders close security gaps before malicious actors can exploit them. 

By democratising patching at machine speed, Daybreak, which was first released in May, provides the tools required to keep systems secure as the cyber threat landscape continues to accelerate. 


From finds to fixes

To scale the impact of these automated capabilities, an update is launching for the Codex Security plugin. 

The cloud system has scanned more than 30 million commits across more than 30,000 codebases since its research preview launched in March.

From these scans, human reviewers manually marked more than 70,000 findings as fixed, while more than 500,000 issues were automatically determined to be resolved.

The system integrates directly into Codex to place the equivalent of a security engineer next to every software developer. 

Rather than just generating static alerts, the plugin understands the code of a team, identifies plausible vulnerabilities and determines whether affected code is reachable. It then gathers validation evidence, develops a targeted patch and verifies the final result. Humans remain in full control of which changes to apply and what information to share.

The updated plugin also enables out-of-the-box defensive workflows that allow developers to run deep scans, trace attack paths and build threat models. It can triage existing findings from external scanners, advisories, bug-bounty reports or ticketing systems to quickly automate patch generation for a backlog of vulnerabilities. 

Completed scans can export directly to existing management systems via SARIF files and CodeQL queries.

Codex Security performance metrics, outlining total repositories scanned and fixed security findings. Credit: OpenAI

GPT-5.5-Cyber update

Defenders requiring advanced capabilities can now access the full version of GPT-5.5-Cyber through a continued limited release to trusted operators. 

Moving beyond the initial permissive-only preview designed to reduce unnecessary workflow refusals, this update delivers deeper analysis across large repositories. 

The model sustains the full remediation loop by identifying security-relevant components, validating issues in controlled environments and preparing evidence for human review.

It sets a new state-of-the-art performance standard during single-model evaluations on CyberGym. This benchmark measures whether an AI agent can successfully reproduce known vulnerabilities in software environments.

GPT-5.5-Cyber achieved a score of 85.6%, while the standard GPT-5.5 model reached only 81.8%. The update represents the highest CyberGym score measured from a single model.

Evaluation scores across multiple models, illustrating that GPT-5.5-Cyber achieves the highest recorded performance. Credit: OpenAI

Open-source resilience via Patch the Planet

OpenAI believes that frontier defensive capabilities must not be concentrated in the hands of a few organisations.

Research from the Linux Foundation and Harvard found that 94% of the studied projects had fewer than 10 developers responsible for more than 90% of the code added in a year.

To support these communities, the company is launching the Patch the Planet initiative. Founded with Trail of Bits in collaboration with HackerOne, Calif, researchers and maintainers, the initiative helps open-source projects move from findings to fixes. 

Because accelerated AI discovery can overwhelm small teams with low-quality false positives, this project relies on expert human security review to manage the work end to end.

Security researchers consult with maintainers to define priorities and disclosure preferences. The researchers then validate and deduplicate both vulnerabilities and patches before they reach project maintainers. 

Initial participants include cURL, Go, Python, Sigstore and pyca/cryptography, with more than 30 open-source projects committed to participate. 

An initial five-day sprint surfaced hundreds of issues for review, merged dozens of patches and built reusable testing workflows.

Protecting global critical infrastructure networks

To scale these defensive benefits to more organisations, OpenAI is launching the Daybreak Cyber Partner Program. This allows leading security software and services providers to use frontier models with trusted access within their own products. 

Check Point Software is one of the security vendors selected for OpenAI’s Daybreak Cyber Partner Program. Through this expanded partnership, it will identify the defensive security workflows and solutions where OpenAI’s trusted access for cyber models, paired with the right safeguards, can deliver measurable customer value.

Roi Karo, Chief Strategy Officer at Check Point Software, says: “Our partnership with OpenAI represents a shared commitment to putting highly advanced AI to work inside the Check Point defences customers rely on.

“As one of a select group of security vendors chosen for the OpenAI Daybreak Cyber Partner Program, Check Point is uniquely positioned to bring frontier AI capabilities directly into the security solutions customers depend on every day. This is what it means to lead in AI-powered security: not just adopting new technology, but shaping how it gets built and deployed responsibly across the industry.”


The model ensures customers benefit from defensive capabilities while direct model access remains securely in the hands of participating partners.

At the same time, OpenAI is also collaborating with governments to protect critical infrastructure, with Trusted Access for Cyber partnerships established over the past month with multiple countries, including Australia, Canada and the Republic of Korea, and with EU institutions such as ENISA.

The firm’s ultimate goal for the expanding Daybreak initiative is to shift the focus from finding vulnerabilities to building a world of safer software and lasting cyber resilience.
