"The goal is simple: accelerate cyber defenders and continuously secure software," the OpenAI announcement said on May 12, 2026.
Daybreak: building security from the ground up
OpenAI unveiled Daybreak as an initiative aimed at helping developers "build secure software from the ground up." Where the company's existing Trusted Access for Cyber (TAC) program focuses on vetted users tapping into frontier models to identify and fix vulnerabilities, Daybreak is explicitly designed to push security earlier into the software development lifecycle.
Models and tools: the GPT‑5.5 family and Codex Security
Daybreak already includes three of OpenAI’s latest models: the general-purpose version of GPT‑5.5; GPT‑5.5 with TAC, which OpenAI says offers "more precise safeguards for verified defensive work in authorized environments"; and GPT‑5.5‑Cyber. The initiative also features Codex Security, a code‑review assistant based on Codex that OpenAI describes as currently available only as a research preview.
Practical workflows shown in short videos
OpenAI posted short videos demonstrating how Daybreak’s tooling can be applied in software development and defensive operations. The company highlighted three concrete workflows:
- Scanning a codebase using Codex Security’s 10 subagents to identify vulnerabilities, fix them and add regression tests.
- Triaging a vulnerability backlog: prioritizing which vulnerabilities should be fixed (for example, by severity, impact or exploitability) and deploying agents to open pull requests.
- Automating vulnerability detection, validation and response: for instance, looking for the latest CVEs, deploying an agent to investigate their impact on the business, and searching logs for evidence of exploitation.
OpenAI framed these capabilities with a caveat: "Because those same capabilities can be misused, Daybreak pairs expanded defensive capability with trust, verification, proportional safeguards and accountability," the announcement added.
Trusted Access for Cyber (TAC): membership and what Daybreak builds on
Daybreak builds from OpenAI’s TAC program, which reserves access to certain frontier models to a selective set of organizations. As of May 2026, OpenAI said the TAC program includes "hundreds of organizations" and "thousands of individual defenders."
Named participants in TAC span established IT and cybersecurity vendors — Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, NVIDIA, Oracle, Palo Alto Networks, Sophos and Zscaler — and a roster of large enterprises concentrated in finance and private equity, including Bank of America, BBVA, BlackRock, BNY, Citibank, Goldman Sachs, JPMorgan Chase, Morgan Stanley and US Bank. A small number of government-linked research organizations are also part of TAC, specifically the US Center for AI Standards and Innovation (CAISI) and the UK AI Security Institute (UK AISI).
OpenAI confirmed in early May its intention to expand TAC to more government agencies, and the company said it will "soon deploy new 'cyber-capable models' in cooperation with industry and government partners."
What this means for Cisco, security vendors, and large financial institutions
Anthony Grieco, SVP, chief security and trust officer at Cisco, provided a direct view of how a named TAC participant sees Daybreak's potential. Grieco said frontier models like GPT‑5.5 are "powerful force multipliers for defenders," adding: "They are fundamentally changing the velocity of our operations, enabling us to move faster on everything from incident investigation to proactive exposure reduction."
For security vendors such as CrowdStrike, Fortinet, Palo Alto Networks, Sophos and others already listed in TAC, Daybreak offers tools to instrument secure-development workflows directly — scanning codebases, triaging backlogs and automating detection, validation and response — while operating within the safeguards that OpenAI describes as part of the program.
For the large financial firms named in TAC — for example, Bank of America, Goldman Sachs, JPMorgan Chase and Morgan Stanley — the initiative represents both an operational opportunity and an integration challenge: these organizations are part of the selective access cohort and therefore positioned to leverage Daybreak’s defensive tooling across code and incident workflows under the TAC framework.
OpenAI’s announcement closes on an operational promise and a governance note: accelerate defenders and continuously secure software, but do so with verification and proportional safeguards. The company’s next concrete steps include broader TAC expansion to government agencies and the upcoming deployment of additional "cyber-capable models" with industry and government partners — developments the named participants and the wider security community will watch closely.
