GPT-5.5-Cyber Reaches the EU: What It Means (2026)
June 6, 2026
%22%2F%3E%0A%20%3Cg%20opacity%3D%220.12%22%3E%3Crect%20x%3D%22120%22%20y%3D%22126%22%20width%3D%22420%22%20height%3D%2212%22%20fill%3D%22url(%23g)%22%2F%3E%3Crect%20x%3D%22660%22%20y%3D%22472.5%22%20width%3D%22360%22%20height%3D%2212%22%20fill%3D%22url(%23g)%22%2F%3E%3C%2Fg%3E%0A%20%3Cg%3E%3Cpath%20d%3D%22M%20969%20282%20L%20846%20310%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.25%22%20stroke-width%3D%223%22%2F%3E%3Cpath%20d%3D%22M%20846%20310%20L%20444%20479%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.25%22%20stroke-width%3D%223%22%2F%3E%3Cpath%20d%3D%22M%20444%20479%20L%20640%20269%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.25%22%20stroke-width%3D%223%22%2F%3E%3Cpath%20d%3D%22M%20640%20269%20L%20274%20424%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.25%22%20stroke-width%3D%223%22%2F%3E%3Cpath%20d%3D%22M%20274%20424%20L%201063%20493%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.25%22%20stroke-width%3D%223%22%2F%3E%3Ccircle%20cx%3D%22969%22%20cy%3D%22282%22%20r%3D%2210%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3Ccircle%20cx%3D%22846%22%20cy%3D%22310%22%20r%3D%226%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3Ccircle%20cx%3D%22444%22%20cy%3D%22479%22%20r%3D%2215%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3Ccircle%20cx%3D%22640%22%20cy%3D%22269%22%20r%3D%227%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3Ccircle%20cx%3D%22274%22%20cy%3D%22424%22%20r%3D%2215%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3Ccircle%20cx%3D%221063%22%20cy%3D%22493%22%20r%3D%2210%22%20fill%3D%22url(%23g)%22%20opacity%3D%220.6%22%2F%3E%3C%2Fg%3E%0A%20%3Cg%3E%0A%20%3Ctext%20x%3D%2250%25%22%20y%3D%2250%25%22%20dominant-baseline%3D%22central%22%20text-anchor%3D%22middle%22%20font-family%3D%22Inter%2Csystem-ui%2CArial%22%20font-size%3D%22108%22%20font-weight%3D%221000%22%20fill%3D%22none%22%20stroke%3D%22%230b1020%22%20stroke-width%3D%2210%22%20stroke-opacity%3D%220.6%22%20style%3D%22paint-order%3A%20stroke%20fill%3B%22%3E%23GPT-5.5-CYBER%3C%2Ftext%3E%0A%20%3Ctext%20x%3D%2250%25%22%20y%3D%2250%25%22%20dominant-baseline%3D%22central%22%20text-anchor%3D%22middle%22%20font-family%3D%22Inter%2Csystem-ui%2CArial%22%20font-size%3D%22108%22%20font-weight%3D%221000%22%20fill%3D%22url(%23g)%22%20filter%3D%22url(%23drop)%22%3E%23GPT-5.5-CYBER%3C%2Ftext%3E%0A%20%3C%2Fg%3E%0A%20%3Cg%20transform%3D%22rotate(-8%20264%20126)%22%3E%3Ctext%20x%3D%22216%22%20y%3D%22126%22%20font-family%3D%22Inter%2Csystem-ui%2CArial%22%20font-size%3D%2234%22%20font-weight%3D%22700%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.9%22%3Egpt-5.5-cyber%20eu%3C%2Ftext%3E%3C%2Fg%3E%0A%20%3Cg%20transform%3D%22rotate(10%20936%20516.6)%22%3E%3Ctext%20x%3D%22864%22%20y%3D%22516.6%22%20font-family%3D%22Inter%2Csystem-ui%2CArial%22%20font-size%3D%2234%22%20font-weight%3D%22700%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.9%22%3Ewhat%20is%20gpt-5.5-cyber%3C%2Ftext%3E%3C%2Fg%3E%0A%20%3C!--%20Code%20card%20background%20for%20contrast%20--%3E%0A%20%3Cg%20opacity%3D%220.18%22%3E%0A%20%3Crect%20x%3D%2260%22%20y%3D%22378%22%20rx%3D%2216%22%20ry%3D%2216%22%20width%3D%22600%22%20height%3D%22176.4%22%20fill%3D%22%230b1020%22%20stroke%3D%22url(%23g)%22%20stroke-opacity%3D%220.35%22%2F%3E%0A%20%3C%2Fg%3E%0A%20%3Ctext%20x%3D%2272%22%20y%3D%22415.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3E%23%20GPT-5.5-Cyber%20Reaches%20the%20EU%3A%20What%20It%20Means%20(2026)%3C%2Ftext%3E%3Ctext%20x%3D%2272%22%20y%3D%22439.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3EOpenAI%20is%20extending%20**GPT-5.5-Cyber**%2C%20the%20cyber-permissive%20variant%20of%20its%20frontier%20model%2C%20to%20vetted%20European%20defenders%20under%20a%20newly%20announced%20**EU%20Cyber%20Action%20Plan**.%20The%20move%20%E2%80%94%20confirmed%20by%20OpenAI%26%2339%3Bs%20AI%20policy%20lead%20for%20Europe%2C%20Martin%20Signoux%2C%20on%20May%2011%2C%202026%20%E2%80%94%20opens%20limited-preview%20access%20to%20European%20businesses%2C%20governments%2C%20cyber%20authorities%2C%20and%20EU%20institutions%20including%20the%20EU%20AI%20Office%2C%20and%20it%20is%20part%20of%20a%20broader%20sprint%20in%20which%20Anthropic%20has%20just%20given%20the%20EU%26%2339%3Bs%20cybersecurity%20agency%20access%20to%20its%20rival%20Claude%20Mythos%20model.%5B%5E1%5D%5B%5E2%5D%3C%2Ftext%3E%3Ctext%20x%3D%2272%22%20y%3D%22463.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3E%23%23%20TL%3BDR%3C%2Ftext%3E%3Ctext%20x%3D%2272%22%20y%3D%22487.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3EGPT-5.5-Cyber%20is%20a%20more%20permissive%20sibling%20of%20GPT-5.5%20that%20OpenAI%20tuned%20for%20authorized%20defensive%20work%20%E2%80%94%20red%20teaming%2C%20penetration%20testing%2C%20vulnerability%20validation%2C%20malware%20analysis%2C%20binary%20reverse%20engineering%2C%20and%20detection%20engineering.%5B%5E3%5D%5B%5E4%5D%20It%20first%20entered%20limited%20preview%20on%20May%207%2C%202026%20for%20defenders%20securing%20critical%20infrastructure%2C%20gated%20behind%20OpenAI%26%2339%3Bs%20identity-and-trust%20framework%20called%20**Trusted%20Access%20for%20Cyber**.%5B%5E4%5D%5B%5E5%5D%20The%20EU%20Cyber%20Action%20Plan%20announced%20four%20days%20later%20extends%20that%20access%20to%20trusted%20European%20defenders%2C%20a%20region%20OpenAI%20says%20had%20not%20had%20these%20capabilities%20before.%5B%5E1%5D%20Access%20is%20not%20open%3A%20individual%20members%20on%20the%20highest%20tier%20must%20enable%20phishing-resistant%20authentication%2C%20and%20organizations%20attest%20to%20phishing-resistant%20single%20sign-on%2C%20with%20the%20requirement%20taking%20effect%20June%201%2C%202026.%5B%5E6%5D%20The%20backdrop%20is%20a%20competitive%20sprint%20with%20Anthropic%2C%20whose%20Claude%20Mythos%20reached%20the%20EU%26%2339%3Bs%20ENISA%20agency%20on%20June%201%20and%20expanded%20to%20150%20more%20organizations%20a%20day%20later.%5B%5E2%5D%5B%5E7%5D%3C%2Ftext%3E%3Ctext%20x%3D%2272%22%20y%3D%22511.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3E%23%23%20What%20is%20GPT-5.5-Cyber%3F%3C%2Ftext%3E%3Ctext%20x%3D%2272%22%20y%3D%22535.8%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2219%22%20fill%3D%22url(%23g)%22%20fill-opacity%3D%220.7%22%3EGPT-5.5-Cyber%20is%20a%20variant%20of%20OpenAI%26%2339%3Bs%20GPT-5.5%20model%20that%20is%20fine-tuned%20to%20be%20more%20permissive%20on%20security-related%20tasks%2C%20intended%20for%20specialized%2C%20authorized%20cybersecurity%20workflows%20rather%20than%20general%20use.%5B%5E3%5D%5B%5E4%5D%20OpenAI%20is%20explicit%20that%20the%20model%20is%20**not**%20meant%20to%20extend%20raw%20cyber%20capability%20beyond%20GPT-5.5%20%E2%80%94%20it%20is%20%26quot%3Bprimarily%20trained%20to%20be%20more%20permissive%20on%20security-related%20tasks%26quot%3B%20so%20that%20verified%20defenders%20hit%20fewer%20refusals%20when%20doing%20legitimate%20work%20like%20writing%20a%20proof-of-concept%20for%20a%20bug%20they%20found%20or%20simulating%20an%20attack%20against%20their%20own%20environment.%5B%5E3%5D%5B%5E4%5D%3C%2Ftext%3E%0A%20%3Crect%20width%3D%221200%22%20height%3D%22630%22%20fill%3D%22%23000%22%20opacity%3D%220%22%20filter%3D%22url(%23grain)%22%2F%3E%0A%3C%2Fsvg%3E)
OpenAI is extending GPT-5.5-Cyber, the cyber-permissive variant of its frontier model, to vetted European defenders under a newly announced EU Cyber Action Plan. The move — confirmed by OpenAI's AI policy lead for Europe, Martin Signoux, on May 11, 2026 — opens limited-preview access to European businesses, governments, cyber authorities, and EU institutions including the EU AI Office, and it is part of a broader sprint in which Anthropic has just given the EU's cybersecurity agency access to its rival Claude Mythos model.12
TL;DR
GPT-5.5-Cyber is a more permissive sibling of GPT-5.5 that OpenAI tuned for authorized defensive work — red teaming, penetration testing, vulnerability validation, malware analysis, binary reverse engineering, and detection engineering.34 It first entered limited preview on May 7, 2026 for defenders securing critical infrastructure, gated behind OpenAI's identity-and-trust framework called Trusted Access for Cyber.45 The EU Cyber Action Plan announced four days later extends that access to trusted European defenders, a region OpenAI says had not had these capabilities before.1 Access is not open: individual members on the highest tier must enable phishing-resistant authentication, and organizations attest to phishing-resistant single sign-on, with the requirement taking effect June 1, 2026.6 The backdrop is a competitive sprint with Anthropic, whose Claude Mythos reached the EU's ENISA agency on June 1 and expanded to 150 more organizations a day later.27
What is GPT-5.5-Cyber?
GPT-5.5-Cyber is a variant of OpenAI's GPT-5.5 model that is fine-tuned to be more permissive on security-related tasks, intended for specialized, authorized cybersecurity workflows rather than general use.34 OpenAI is explicit that the model is not meant to extend raw cyber capability beyond GPT-5.5 — it is "primarily trained to be more permissive on security-related tasks" so that verified defenders hit fewer refusals when doing legitimate work like writing a proof-of-concept for a bug they found or simulating an attack against their own environment.34
That distinction matters. A standard chat model will often refuse requests that look offensive — generating exploit code, walking through a privilege-escalation chain, reverse engineering a binary — because those same steps describe an attack. For a defender running an authorized red-team engagement, those refusals are friction. GPT-5.5-Cyber removes some of that friction for users who have proven they are defenders, while keeping guardrails on requests that could contribute to real-world harm.4
It is also not OpenAI's first cyber-permissive model. The company began cyber-specific safety training with GPT-5.2 and shipped GPT-5.4-Cyber in April 2026, which introduced binary reverse-engineering capabilities for verified defenders.89 GPT-5.5-Cyber is the newest entry in that lineage, built on a base model OpenAI classifies as "High" cybersecurity capability under its Preparedness Framework.3
Trusted Access for Cyber: the gatekeeping framework
The reason GPT-5.5-Cyber can be permissive at all is the wrapper around it. Trusted Access for Cyber (TAC) is OpenAI's identity-and-trust-based access program: it uses automated identity verification to reduce friction for individuals on cybersecurity tasks, and partnerships with a limited set of vetted organizations to grant the more permissive models.58 The idea is to give verified defenders broader access to GPT-5.5's security capabilities for defensive tasks while maintaining restrictions on requests that could cause real-world harm.4
Access is tiered, and the top tier carries the heaviest verification burden. For individual members, OpenAI requires Advanced Account Security — phishing-resistant authentication, hardware-backed keys, or equivalent — with the requirement taking effect June 1, 2026; organizations can instead attest to phishing-resistant single sign-on at the company level.6 The framework also layers in account-level controls, approved-use scoping, and monitoring, plus asynchronous blocking for higher-risk requests.48 In other words, the permissiveness is bought with accountability: who you are, what you are approved to do, and a paper trail.
The EU Cyber Action Plan: who gets in
The EU Cyber Action Plan is the regional rollout of that framework. Announced by Martin Signoux on May 11, 2026, it extends GPT-5.5-Cyber to trusted European cyber defenders — businesses, governments, cyber authorities, and EU institutions such as the EU AI Office — under the same Trusted Access for Cyber gating.1 The plan is "bringing to Europe unprecedented cyber defense capabilities that have not been available in the region until now," Signoux said.1
The framing is deliberately about parity and timing. European defenders had watched frontier cyber-AI capabilities ship elsewhere first; the action plan is OpenAI's answer, positioning the company as the supplier of defensive tooling to the bloc's institutions at a moment when the EU is formalizing its own AI and cyber posture. It is still a limited preview, not general availability — access flows to vetted defenders responsible for securing critical infrastructure, not to the general European public.14
What GPT-5.5-Cyber unlocks for defenders
Within an authorized environment, GPT-5.5-Cyber is pitched at the practical, repetitive parts of security operations that a capable model can compress. The named workflows include:34
- Red teaming and penetration testing — planning and executing authorized offensive simulations against your own systems.
- Vulnerability validation — writing proofs-of-concept to confirm whether a discovered bug is actually exploitable.
- Malware analysis — examining suspicious samples to understand behavior and intent.
- Binary reverse engineering — analyzing compiled software for vulnerabilities or malicious potential without source code.
- Detection engineering — building and tuning the rules that catch attacks in progress.
The independent signal that these are real capabilities, not marketing, comes from the UK's AI Security Institute (AISI). In its evaluation, GPT-5.5 solved a reverse-engineering challenge that took a human expert playtester roughly 12 hours in about 10 minutes, at $1.73 in API usage, and posted one of the strongest Expert-tier cyber-task pass rates AISI had recorded (71.4%).10 We covered that evaluation — and how it reached rough parity with Claude Mythos — in our breakdown of the AISI GPT-5.5 cyber results. GPT-5.5-Cyber removes the refusal friction so verified defenders can actually put that capability to work.
"High" capability, but below "Critical"
The capability that makes GPT-5.5-Cyber useful is the same capability that makes it sensitive. OpenAI classifies GPT-5.5 as "High" cybersecurity capability under its Preparedness Framework — a tier that triggers a heavier safeguard stack, but one that sits below the framework's "Critical" threshold.3 (For the record, GPT-5.5 was not the first OpenAI model to reach "High"; GPT-5.3-Codex was the first classified at that level, and GPT-5.4 followed.)89
The "Critical" definition is the bright line OpenAI says GPT-5.5 does not cross: a model that can "identify and develop functional zero-day exploits of all severity levels in many hardened real-world critical systems without human intervention," or devise and execute end-to-end novel cyberattacks against hardened targets from only a high-level goal.3 In testing, GPT-5.5 was unable to produce functional critical-severity exploits in the software projects evaluated in standard configurations.3 The honest read: this is a model that meaningfully accelerates a human defender, not an autonomous offensive agent — which is exactly why OpenAI is willing to widen access behind identity gates.
The race with Anthropic's Mythos
OpenAI is not extending cyber access into Europe in a vacuum. The week its EU plan drew fresh coverage, rival Anthropic was moving on the same chessboard with Claude Mythos, the cyber model at the heart of its Project Glasswing program.27
Anthropic had held Mythos back from European institutions for weeks before relenting: on June 1, 2026, it gave the EU's cybersecurity agency ENISA access through Project Glasswing, making ENISA the first EU institution in the program.2 A day later, Anthropic expanded Glasswing to 150 additional organizations across more than 15 countries — adding sectors like power, water, healthcare, communications, and hardware — with named partners including Okta, Samsung, SK Hynix, SK Telecom, and NATO.7 Anthropic says Glasswing partners have surfaced more than 10,000 high- or critical-severity flaws since launch.7 We dug into the program's origins in our look at Claude Mythos and Project Glasswing.
The two companies are converging on the same model: gate a powerful cyber model behind heavy verification, then court the same European institutions — ENISA, national authorities, critical-infrastructure operators — as anchor customers. The differences are at the edges. OpenAI frames GPT-5.5-Cyber as defensive and more permissive rather than more capable, wrapped in a tiered Trusted Access framework;4 Anthropic markets Mythos as its most powerful model yet, which it says identified thousands of zero-day vulnerabilities over several weeks.7 For a European CISO, the practical question is no longer whether frontier cyber-AI is available in the region — it is which vetting regime to enter, and on whose terms.
Bottom line
GPT-5.5-Cyber's arrival in Europe is less a product launch than a policy maneuver. The model itself has been in preview since early May; the EU Cyber Action Plan is about who gets to use it and under what terms. OpenAI's bet is that the future of frontier cyber-AI is permissioned, not open — capabilities strong enough to compress a defender's day-long task into minutes, fenced off behind identity verification, approved-use scoping, and monitoring. With Anthropic running the same play for ENISA and critical-infrastructure operators across 15-plus countries, the contest in Europe has shifted from whether defenders can access frontier cyber models to whose trust framework they sign into first.
Related reading: the AISI GPT-5.5 cyber evaluation, Claude Mythos and Project Glasswing, and how OpenAI retrained GPT-5.5 for the agentic era.
Footnotes
-
"OpenAI to give EU access to new cyber model but Anthropic still holding out on Mythos," CNBC, May 11, 2026 (EU Cyber Action Plan announcement, Martin Signoux quote and title). https://www.cnbc.com/2026/05/11/openai-eu-cyber-model-anthropic-mythos-gpt.html ↩ ↩2 ↩3 ↩4 ↩5 ↩6
-
"OpenAI GPT-5.5-Cyber Reaches EU: Anthropic Mythos Opens to ENISA Days Later," TechTimes, June 5, 2026. https://www.techtimes.com/articles/317891/20260605/openai-gpt-55-cyber-reaches-eu-anthropic-mythos-opens-enisa-days-later.htm ↩ ↩2 ↩3 ↩4
-
OpenAI, "Scaling Trusted Access for Cyber with GPT-5.5 and GPT-5.5-Cyber" (model framing, "High" Preparedness classification, Critical definition). https://openai.com/index/gpt-5-5-with-trusted-access-for-cyber/ ↩ ↩2 ↩3 ↩4 ↩5 ↩6 ↩7 ↩8 ↩9 ↩10
-
"OpenAI rolls out new GPT-5.5-Cyber to vetted cybersecurity teams," CNBC, May 7, 2026 (limited preview, defensive use cases, permissive framing). https://www.cnbc.com/2026/05/07/openai-rolls-out-new-gpt-5point5-cyber-to-vetted-cybersecurity-teams.html ↩ ↩2 ↩3 ↩4 ↩5 ↩6 ↩7 ↩8 ↩9 ↩10 ↩11 ↩12 ↩13 ↩14
-
"OpenAI tunes GPT-5.5-Cyber for more permissive security workflows," Help Net Security, May 8, 2026 (Trusted Access for Cyber framework). https://www.helpnetsecurity.com/2026/05/08/openai-gpt-5-5-cyber-model/ ↩ ↩2 ↩3
-
"OpenAI expands GPT-5.5 cyber defense access to Europe through new EU action plan," EdTech Innovation Hub (Advanced Account Security / phishing-resistant authentication requirement, effective June 1, 2026). https://www.edtechinnovationhub.com/news/openai-expands-gpt-55-cyber-defense-access-to-europe-through-new-eu-action-plan ↩ ↩2 ↩3
-
"Anthropic expands Mythos to 150 additional organizations in more than 15 countries," CNBC, June 2, 2026 (Glasswing expansion, ENISA, named partners, 10,000+ flaws). https://www.cnbc.com/2026/06/02/anthropic-mythos-ai-project-glasswing.html ↩ ↩2 ↩3 ↩4 ↩5 ↩6
-
"OpenAI Scales Trusted Access for Cyber Defense With GPT-5.4-Cyber," MarkTechPost, April 20, 2026 (cyber model lineage, TAC tiers, binary reverse engineering). https://www.marktechpost.com/2026/04/20/openai-scales-trusted-access-for-cyber-defense-with-gpt-5-4-cyber-a-fine-tuned-model-built-for-verified-security-defenders/ ↩ ↩2 ↩3 ↩4
-
"OpenAI launches GPT-5.4-Cyber model for vetted security professionals," SiliconANGLE, April 14, 2026 (GPT-5.4-Cyber launch). https://siliconangle.com/2026/04/14/openai-launches-gpt-5-4-cyber-model-vetted-security-professionals/ ↩ ↩2
-
"Our evaluation of OpenAI's GPT-5.5 cyber capabilities," UK AI Security Institute (AISI) (reverse-engineering challenge time/cost, Expert-tier pass rate). https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5-5-cyber-capabilities ↩ ↩2
