OpenAI is investing in advanced cybersecurity capabilities for its AI models, emphasizing defensive applications while managing dual-use risks. Performance on capture-the-flag (CTF) challenges improved from 27% on GPT‑5 in August 2025 to 76% on GPT‑5.1-Codex-Max in November 2025. The company expects future models to reach high levels of capability, potentially enabling sophisticated cyber operations, and is preparing safeguards accordingly.
The strategy includes defense-in-depth measures such as access controls, infrastructure hardening, egress monitoring, and system-wide detection of potentially malicious activity. OpenAI also conducts end-to-end red teaming with expert partners to identify vulnerabilities and strengthen model safety.
OpenAI is launching initiatives to expand defensive capacity, including Aardvark, an agentic security researcher in private beta that scans codebases for vulnerabilities and proposes patches. The company will introduce a trusted access program for qualifying cybersecurity professionals and establish the Frontier Risk Council to advise on responsible use and threat mitigation.
Collaboration with industry partners via the Frontier Model Forum aims to develop shared threat models and safety standards, ensuring AI capabilities support defenders while limiting potential misuse. OpenAI’s efforts reflect a long-term commitment to strengthening global cyber resilience.
The company also recently walked back promotional messages in ChatGPT after user complaints, reaffirming that ads remain off the roadmap while product quality and safety continue to take priority. This commitment to responsible deployment is highlighted by the company’s recent choice to prioritize ChatGPT’s safety and reliability over pursuing additional monetization opportunities.
