OpenAI Unveils Cyber‑Focused GPT‑5.4‑Cyber, Sparking Comparison with Anthropic’s Claude Mythos

OpenAI announced a new, security‑oriented variant of its GPT‑5.4 model called GPT‑5.4‑Cyber . The release does not include the anticipated GPT‑5.5 or GPT‑6, but instead focuses on extending the Trusted Access for Cyber (TAC) framework, which OpenAI introduced a little over two months ago.

TAC is a trust‑based access system that strengthens abuse‑prevention measures while expanding the range of advanced cyber capabilities available to verified defenders. OpenAI is now scaling the program to thousands of individual security practitioners and hundreds of teams responsible for protecting critical software.

Some industry observers view the limited rollout of GPT‑5.4‑Cyber as a direct response to Anthropic’s recently launched Claude Mythos. The author notes, however, that the two efforts appear to follow different trajectories: Anthropic is pursuing a more controllable AI system, whereas OpenAI is building a “hard‑hitting” security model.

The naming of the model has attracted criticism, with some commenters saying “GPT‑5.4‑Cyber sounds like a stripped‑down adult chat product.” Despite the jokes, OpenAI outlines several long‑standing principles of its cyber‑defense strategy: broaden tool access, iterate capabilities continuously, and enhance ecosystem resilience.

As model capabilities improve, OpenAI’s strategy evolves in two directions: granting compliant, trusted defenders broader usage rights while simultaneously tightening overall security safeguards. The goal is to let defenders leverage cutting‑edge abilities, such as binary reverse‑engineering, enabling analysis of software for malicious behavior or vulnerabilities even without source code.

Deployment will be small‑scale and incremental, prioritising vetted security vendors, organisations, and researchers. Certain scenarios—e.g., zero‑data‑retention use cases—may still face access restrictions, especially when the model is accessed via third‑party platforms where OpenAI has limited visibility into the user environment and intent.

Access to TAC is obtained as follows:

Individual users complete identity verification on the OpenAI website.

Enterprise users request team access through an OpenAI account manager.

Approved users receive a more flexible security‑focused model version, supporting security education, defensive development, and responsible vulnerability research. Existing TAC participants who complete additional verification can apply for higher‑level permissions, including GPT‑5.4‑Cyber.

OpenAI also indicates that future, more capable models will continue to enforce similar security mechanisms, though models specifically trained for cyber scenarios with relaxed usage limits will require stricter deployment controls and corresponding safeguards.

In the long term, OpenAI expects to build a more robust protection framework to keep AI safe in the cybersecurity domain, anticipating that future model capabilities could quickly outpace today’s most advanced specialised systems.