
GPT-5.5-Cyber rollout: OpenAI’s defender track vs Claude Mythos—what the record actually compares

Sam Altman signaled GPT-5.5-Cyber rolling out to critical cyber defenders; OpenAI’s docs already frame GPT-5.5 as High (not Critical) for cyber, CyberGym vs Opus 4.7 numbers, and Trusted Access for Cyber. How that lines up with Anthropic’s Mythos Preview and Glasswing—without pretend head-to-head benchmarks.

5 min read · ExplainX Team
Tags: OpenAI, GPT-5.5, Cybersecurity, Claude Mythos, AI safety, Trusted access



On April 30, 2026, Sam Altman (@sama on X) posted that OpenAI is starting rollout of GPT‑5.5‑Cyber—described as a frontier cybersecurity model—to critical cyber defenders within days, with a pledge to work with the broader ecosystem and government on trusted access so the upside lands on defense-heavy use cases.

This article places that public signal next to what OpenAI has already documented about GPT‑5.5, cyber risk tiering, and Trusted Access for Cyber (TAC)—then contrasts the access + evidence model with Anthropic’s Claude Mythos Preview and Project Glasswing without pretending the vendors ran the same public evals.


What OpenAI has already published (before the viral tweet)

Capability and benchmarks (GPT‑5.5)

OpenAI’s Introducing GPT‑5.5 includes a CyberGym row in its benchmark table:

| Model (OpenAI table) | CyberGym |
|---|---|
| GPT‑5.5 | 81.8% |
| GPT‑5.4 | 79.0% |
| Claude Opus 4.7 | 73.1% |

The same materials cite an expanded internal Capture-the-Flag suite (harder CTF tasks than prior system cards) with GPT‑5.5 at 88.1% vs GPT‑5.4 at 83.7%; there is no Claude number in that row on the page we mirrored.

Those numbers are vendor-reported on OpenAI’s harness definitions—useful for within-OpenAI deltas; they are not independent red-team proof.

Preparedness tier (High, not Critical)

OpenAI’s GPT‑5.5 system card and Deployment Safety Hub — Cybersecurity state that GPT‑5.5 is treated as High in the cybersecurity domain—below Critical—and describe additional safeguards because dual-use cyber assistance scales with model strength. The Critical bar in their framework concerns autonomous, cross-hardened-target zero-day chains at a specifically worded severity; OpenAI argues GPT‑5.5 does not meet that threshold in their testing.

Trusted access and cyber-permissive variants

OpenAI’s Scaling trusted access for cyber defense (April 14, 2026) documents TAC scaling, chatgpt.com/cyber verification, and GPT‑5.4‑Cyber—a fine-tuned, more cyber-permissive line of GPT‑5.4 for vetted defenders and partners, with binary reverse-engineering positioned as a headline capability.

Interpretation for readers: Altman’s “GPT‑5.5‑Cyber” wording likely extends that same product philosophy to the GPT‑5.5 generation—tighter coupling of frontier weights with identity-backed defender channels. Confirm naming, tiers, and entitlement rules on live OpenAI pages; shipping details can change faster than blog archives update.


Claude Mythos Preview: a different publication contract

Anthropic’s Assessing Claude Mythos Preview’s cybersecurity capabilities (April 7, 2026) argues a large jump in agentic vulnerability research under controlled conditions, with quantitative contrasts vs prior Sonnet / Opus on Firefox exploit trials and OSS-Fuzz tier ladders—and heavy reliance on coordinated disclosure because most findings are not public yet.

Our earlier summary for ExplainX readers is here: Claude Mythos Preview and cybersecurity.

Glasswing is Anthropic’s invitation-only defensive channel—analogous in intent to OpenAI’s TAC, but not identical in eligibility, SKU, or safeguards story.


Comparison without fake precision

| Dimension | OpenAI (GPT‑5.5 era + TAC) | Anthropic (Mythos Preview + Glasswing) |
|---|---|---|
| Public cyber numbers | CyberGym and internal CTF in Introducing GPT‑5.5 | Firefox harness + OSS-Fuzz ladder in Mythos post |
| Risk framing | High cyber, not Critical, per Preparedness text | Non-GA preview; emphasis on dual-use and disclosure backlog |
| Access model | TAC, chatgpt.com/cyber, GPT‑5.4‑Cyber tiering documented; GPT‑5.5‑Cyber signaled publicly | Glasswing invitations; no broad retail GA for Mythos |
| Evidence you can audit today | Benchmark tables, system card, Deployment Safety pages | One detailed public CVE narrative + hashed commitments + aggregator stats |

Net: both labs agree cyber is dual-use and gate the most permissive surfaces. Neither gives outsiders a single clean A vs B score that merges their private harnesses.


Why social reactions (“attackers get it too”) miss a nuance

Commentary on Altman’s post often notes asymmetry: defenders need coverage; attackers need one gap. That macro claim is old and true.

The new part is governance engineering: TAC-style programs try to move friction onto identity + monitoring + contractual channels for high-dual-use workflows—not to solve offense‑defense parity, but to avoid shipping max-permissive defaults to anonymous abuse pipelines.

Whether that holds at scale is an empirical question; the theory is at least coherent.


Practical guidance for security leaders

  1. Treat vendor cyber percentages as RFP inputs, not ordinal rankings across companies.
  2. Demand SOC-style logging and human review for agentic tool chains, whichever vendor you use.
  3. Assume jailbreaks and third-party proxies blur “defender-only” stories; defense in depth still wins.
  4. Read both Preparedness text (OpenAI) and CVD timing (Anthropic) when modeling disclosure risk.


Bottom line

GPT‑5.5‑Cyber, as described by Altman on April 30, 2026, fits naturally into OpenAI’s existing story: frontier cyber capability, High-but-not-Critical tiering in official text, stronger classifiers, and Trusted Access for identity-backed defenders. Claude Mythos Preview is Anthropic’s bet on showing (partially) how far agentic exploitation research moved—but on different public measurements.

If you need one takeaway: compare programs on governance and evidence, not on headline creature counts or isolated percent cells.


OpenAI links: Introducing GPT‑5.5, GPT‑5.5 system card, Deployment Safety Hub — Cybersecurity, Scaling trusted access for cyber defense. X posts are ephemeral—verify statements against OpenAI’s site. ExplainX is not affiliated with OpenAI or Anthropic.
