OpenAI has launched Daybreak, a new cybersecurity initiative that pairs its frontier models with the Codex agent harness to find and patch software vulnerabilities. The move intensifies competition with Anthropic's rival Project Glasswing initiative.

Announced on 11 May, Daybreak is OpenAI's answer to Anthropic's Mythos model. Mythos debuted in limited preview in April and exposed weak security across multiple industries.

OpenAI says Daybreak combines its models, Codex Security and a partner network to help defenders find vulnerabilities, validate fixes and ship patches faster.

Launch partners include Cloudflare, Cisco, CrowdStrike, Palo Alto Networks, Oracle, Akamai, Fortinet and Zscaler. Companies can also request a vulnerability scan directly from OpenAI.

The platform runs on three model tiers. GPT-5.5 is the default with standard safeguards for general security work. GPT-5.5 with Trusted Access for Cyber is reserved for verified defenders working on code review, vulnerability triage and patch validation. GPT-5.5-Cyber is a gated red-team variant for penetration testing and controlled validation.

“AI is already good and about to get super good at cybersecurity,” OpenAI chief executive Sam Altman wrote on X. He said the company wanted to work with as many organisations as possible to help them continuously secure themselves.

Daybreak arrives six weeks after Anthropic launched Project Glasswing, a consortium powered by its Claude Mythos Preview model. Glasswing promised an almost identical outcome. Find unknown vulnerabilities at machine speed, validate exploitability in controlled environments and patch before attackers act.

Three of OpenAI's launch partners are already inside Anthropic's Glasswing consortium. Cisco, CrowdStrike and Palo Alto Networks are running both stacks in parallel rather than picking a side.

Anthropic took a walled garden approach with Glasswing. It launched with 12 named partners including AWS, Apple, Google, Microsoft, Nvidia, JPMorganChase, Cisco, CrowdStrike and Palo Alto Networks. Access has since been extended to around 40 more critical infrastructure operators.

Mythos Preview is not publicly available. Anthropic has committed US$100 million in usage credits to keep the consortium running.

OpenAI has taken a wider path with tiered trust. Daybreak is publicly available and organisations can request a security assessment.

Benchmarks from the UK AI Security Institute suggest the underlying capabilities are nearly identical. GPT-5.5 averaged 71.4 per cent on the institute's expert-tier capture-the-flag tasks. Mythos Preview hit 68.6 per cent. The gap falls within the margin of error.

Both models also tackled a 32-step simulated corporate network attack that takes human experts about 20 hours. Mythos completed it three times in 10 attempts. GPT-5.5 completed it twice.

Forrester vice president and principal analyst Jeff Pollard recommended enterprise tech leaders experiment with the new platforms. He told CIO Dive that staff with responsibility for innovation in tech and cybersecurity should play with the capabilities to see what they offer.

Pollard noted AI providers need customers to consume their products, buy subscriptions and use tokens. That commercial pressure is now shaping how cyber-capable models reach the market.

The launch lands as AI compresses vulnerability disclosure timelines. Mozilla disclosed in April that Firefox 150 shipped with fixes for 271 vulnerabilities found during a Mythos Preview evaluation.