OpenAI on Monday launched "Daybreak", a cybersecurity platform built around the company's frontier model that is designed to find vulnerabilities, validate fixes and write patches inside customer code bases. CEO Sam Altman, in a blog post and a separate developer-facing event in San Francisco, said the project was intended to "accelerate cyber defense and continuously secure software" and would be made available initially to a small set of design partners.
The launch partners listed by the company include Cloudflare, Cisco, CrowdStrike, Palo Alto Networks, Oracle and Akamai. OpenAI said Daybreak's primary differentiator was end-to-end automation: the platform ingests source code, runs static and dynamic analysis, generates candidate patches and submits pull requests with audit-ready evidence. Internal benchmarks shared with reporters put median vulnerability triage time at four minutes per medium-severity finding.
The strategic context is Anthropic's Project Glasswing, launched in March and powered by the company's unreleased Claude Mythos Preview model. Glasswing has been deployed at roughly 40 organisations under direct Anthropic contract, including with Mozilla, where it helped find and patch 271 vulnerabilities in Firefox during a six-week pilot in April. Anthropic has framed Glasswing as a model so capable that broad deployment requires unusually tight controls.
The two companies' positioning could not be more different. Anthropic has emphasised the potentially dangerous nature of cyber-capable AI systems, has limited Glasswing access to vetted partners, and is engaged in a four-meeting dialogue with the European Commission about staged disclosure. OpenAI, in Monday's blog post, said Daybreak's capabilities were already "broadly matched in the open-source ecosystem" and that wide defensive deployment was "the right answer for the industry".
The split mirrors a parallel divergence over access for governments. OpenAI announced last week that it would share GPT-5.5-Cyber, the cybersecurity-tuned variant of its flagship model, with vetted EU member-state agencies and businesses on the same terms it has made it available to US cybersecurity teams. Anthropic confirmed that its conversations with Brussels were "at an earlier stage" and that Mythos itself would not be released to states or organisations under sanctions.
Daybreak's commercial pricing — described by OpenAI as "consumption-based, with a free tier for small open-source projects" — is positioned to undercut Anthropic's direct-contract model. For customers, the practical question is whether the wider availability of Daybreak outweighs the more cautious capability ceiling that Glasswing's tighter deployment guarantees. CIOs at three Fortune 100 companies told the Financial Times on Tuesday that they were running both platforms in parallel pilots.
Both companies acknowledge that the cyber AI race has accelerated in the past two months. Microsoft's Security Copilot Strike, Google DeepMind's Project Naptime II and xAI's Grok-CyberSec are all expected to launch commercial-grade versions before the end of June.