Daybreak: Tools for securing every organization in the world
9 hours ago
- #Open Source Security
- #Vulnerability Patching
- #AI Cybersecurity
- Daybreak is being expanded to democratize patching of vulnerable software at machine speed, using AI models to discover and generate patches for critical vulnerabilities in major browsers, network infrastructure, and operating systems.
- New initiatives include: an updated Codex Security plugin to accelerate vulnerability discovery and patching; the full release of GPT‑5.5‑Cyber for trusted defenders, setting new performance benchmarks; a Daybreak Cyber Partner Program to scale benefits through security partners; and Patch the Planet, an initiative to help open-source projects move from findings to fixes.
- AI has changed cybersecurity dynamics, shifting the bottleneck from vulnerability discovery to patching. Models can now navigate codebases, reason through attacks, and surface hidden issues, requiring defenders to have access to tools for fixing vulnerabilities quickly.
- Daybreak integrates OpenAI's frontier cyber capabilities, Trusted Access for Cyber, Codex Security workflows, and ecosystem partners to help defenders validate vulnerabilities, prioritize risk, generate fixes, and produce evidence within existing workflows.
- Codex Security has scanned over 30 million commits across 30,000 codebases, with human reviewers marking 70,000 findings as fixed and over 500,000 automatically determined as fixed, highlighting the scale needed for modern patching.
- The updated Codex Security plugin enables defensive workflows, including deep scans, report generation, threat modeling, validation, and patch generation, integrating into developer tools and automating vulnerability management.
- GPT‑5.5‑Cyber is OpenAI's strongest model for cybersecurity, excelling in benchmarks like CyberGym (85.6%), ExploitGym, and SEC-bench Pro, designed for advanced, authorized work with permissive behavior and strong safeguards.
- Patch the Planet collaborates with Trail of Bits, HackerOne, and Calif to fund expert researchers who work with open-source maintainers, providing tools like ChatGPT Pro and Codex Security to reduce maintainer burden and speed remediation.
- OpenAI is engaging with governments and institutions worldwide, including the U.S., Australia, Canada, and EU agencies, to uplift defensive capabilities and protect critical infrastructure through Trusted Access for Cyber partnerships.
- The goal is to move beyond finding vulnerabilities towards safer software and cyber resilience by combining models, security tools, expert researchers, and partnerships to help defenders protect infrastructure effectively.