OpenAI Restricts Cybersecurity AI Access Following Anthropic's Model Controls

OpenAI is limiting access to a new AI model with advanced cybersecurity capabilities to a select group of companies, according to Axios reporting. The decision directly mirrors Anthropic's approach announced this week when it restricted access to Mythos Preview to only tech and security firms.

Current Programs and Models

OpenAI launched its "Trusted Access for Cyber" pilot program in February following the release of GPT-5.3-Codex, described as the company's most capable cybersecurity model to date. The pilot provides participants with access to particularly powerful models for defensive security work, backed by $10 million in API credits.

Anthropically's Mythos Preview model represents the company's latest cybersecurity-focused offering. The company has explicitly ruled out a public release, stating that models in the Mythos class will not ship to the broader market until adequate safety guardrails are in place.

Industry-Wide Safety Posture

Both companies cite the powerful hacking capabilities embedded in these models as the primary reason for restricting distribution. Rather than making advanced cybersecurity capabilities universally available, the companies are implementing staged rollouts to trusted partners in security and technology sectors.

Anthropic's decision to permanently exclude public access represents a stricter stance than OpenAI's approach, which does not rule out eventual broader availability. The timeline and conditions under which OpenAI might expand access to its new cybersecurity model remain undisclosed.

What This Means

The convergence of OpenAI and Anthropic on restricted access models signals growing industry consensus that certain AI capabilities pose sufficient security risks to warrant controlled distribution. This approach differs from each company's general model release strategy: while both companies maintain open or semi-open release policies for general-purpose models, specialized cybersecurity capabilities are receiving more cautious handling. The $10 million in credits for OpenAI's pilot suggests these capabilities remain valuable for legitimate defensive security work, but the restriction indicates both companies assess the offensive application risks as substantial enough to limit access during development and safety testing phases.