OpenAI Wants AI to Stop Finding Bugs and Start Fixing Them: Inside "Daybreak"
On June 22, 2026, OpenAI expanded its Daybreak cybersecurity program — releasing the cyber-tuned GPT-5.5-Cyber to vetted defenders and launching "Patch the Planet" with Trail of Bits and HackerOne to fix open-source bugs at machine speed.
TL;DR — On June 22, 2026, OpenAI expanded its "Daybreak" cybersecurity program — releasing a cyber-tuned GPT-5.5-Cyber to vetted defenders and launching Patch the Planet with Trail of Bits and HackerOne — betting that AI's value in security is shifting from finding bugs to fixing them.
Everyone's worried AI will help attackers. OpenAI's pitch is the opposite: use it to patch the world's software faster than humans can.
What's new
Per SiliconANGLE and Infosecurity Magazine, Daybreak grew four ways: the full GPT-5.5-Cyber model (limited access, extra monitoring), an updated Codex Security plugin, a Cyber Partner Program, and Patch the Planet — an open-source remediation push founded with Trail of Bits and HackerOne, where a human engineer reviews every finding before it reaches a maintainer.
How good is the cyber model
| Metric | GPT-5.5-Cyber | GPT-5.5 (standard) |
|---|---|---|
| CyberGym benchmark (reproduce known vulns) | 85.6% | 81.8% |
| Access | Vetted "trusted defenders" only | General |
| Purpose | Find, validate & patch vulnerabilities | General-purpose |
An initial five-day sprint surfaced hundreds of issues across 19 projects, and the tooling is credited with finds like a 23-year-old use-after-free flaw in the OpenBSD kernel and five exploitable bugs in Chrome's V8 engine. Since Codex Security's March preview, OpenAI says it has scanned 30 million commits across 30,000+ codebases.
Why it matters
Partners span vendors and governments — Cisco, CrowdStrike, IBM, Okta, Palo Alto Networks, Proofpoint, plus governments including Australia, Canada, France, Germany, Japan and South Korea. "By incorporating GPT-5.5 through the OpenAI Cyber Partner Program into Proofpoint's products… we can help security teams improve threat investigation, decision-making, and efficiency," said Ryan Kalember, Chief Strategy Officer at Proofpoint.
FAQ
What is OpenAI's Daybreak program?
A cybersecurity initiative (launched May 2026, expanded June 22, 2026) offering a cyber-tuned model, a code-security plugin, a partner program, and an open-source fixing effort called Patch the Planet.
How does GPT-5.5-Cyber compare to standard GPT-5.5?
It scores 85.6% on the CyberGym benchmark versus 81.8% for standard GPT-5.5, and is restricted to vetted "trusted defenders" with extra monitoring.
What is "Patch the Planet"?
An open-source remediation program with Trail of Bits and HackerOne that funds researchers to fix bugs alongside maintainers — with a human reviewing every AI finding first.
Has it found real bugs?
Yes — reported finds include a 23-year-old OpenBSD kernel flaw and five exploitable bugs in Chrome's V8 engine, per security-trade coverage.
Sources: SiliconANGLE, Infosecurity Magazine, IT Pro.
Image: mikemacmarketing, CC BY 2.0, via Wikimedia Commons.
← Back to all posts