By OpenAI has spent the past week privately briefing U.S. federal agencies, state governments, and Five Eyes intelligence allies on the capabilities of its new AI cybersecurity product, Axios has learned — marking a significant push by the company into government-facing AI cyber defense.
Why It Matters
Both public agencies and private companies are racing to get their hands on the latest AI cybersecurity tools. The most advanced AI systems offer the potential for major gains on the defensive side — but also carry serious risks, as the same capabilities could give malicious hackers a significant technological edge.
What’s Driving the News: The GPT-5.4-Cyber Model
OpenAI held a closed-door event in Washington, D.C. on Tuesday, hosting approximately 50 cyber defense practitioners from across the federal government to demonstrate the capabilities of its new GPT-5.4-Cyber model — a specialized AI system rolled out under a tiered access program last week.
Government applicants are undergoing the same vetting process as commercial customers seeking to join OpenAI’s Trusted Access for Cyber program, according to a source familiar with the matter. Attendees included a broad range of officials from national security agencies, most of whom are responsible for managing day-to-day cybersecurity operations.
OpenAI vs. Anthropic: A Cybersecurity AI Race
OpenAI launched its new AI cyber model closely on the heels of Anthropic’s competing Mythos Preview, and both companies are currently in active discussions with government agencies to determine access eligibility.
Anthropic chose not to release Mythos publicly, citing significant cyber risk concerns, and has instead made it available to roughly 40 select companies and organizations — including at least two within the federal government.
OpenAI, by contrast, is pursuing a dual-track strategy: making one version of the GPT-5.4-Cyber model broadly available with robust safeguards, while releasing a more capability-rich, cyber-permissive version exclusively to vetted defenders through its Trusted Access for Cyber program.
Inside Tuesday’s Government Demo Event
At Tuesday’s event, OpenAI Chief Global Affairs Officer Chris Lehane explained that the dual-track approach is designed to widen access to advanced AI cybersecurity tools — enabling organizations like local water utilities to leverage cutting-edge AI for infrastructure defense.
Sasha Baker, OpenAI’s Head of National Security Policy, told attendees that the company hopes to partner with government departments to prioritize the most critical use cases and establish channels for cross-sector threat intelligence sharing. OpenAI is also actively working with state governments to extend access to the GPT-5.4-Cyber model beyond the federal level.
Five Eyes Briefings Begin This Week
In a significant development, OpenAI has begun briefings with Five Eyes member nations this week to get them vetted and onboarded for access to the model, Axios has learned. The Five Eyes intelligence-sharing alliance includes the United States, Australia, Canada, New Zealand, and the United Kingdom — making this a major step toward allied AI cybersecurity collaboration.
Complications for Anthropic’s Government Rollout
Anthropic’s own expansion within the U.S. government faces a notable obstacle: the Pentagon has designated the company as a “supply chain risk” following a contentious dispute over AI safeguards. Despite that designation, Anthropic’s Mythos model is currently undergoing testing by the NSA, as previously reported by Axios.
The Bigger Picture: AI for Legacy System Security
For most organizations that currently have access to either OpenAI’s GPT-5.4-Cyber or Anthropic’s Mythos Preview, the primary use case is identifying exploitable security vulnerabilities within their own internal systems.
This is particularly relevant for federal government cybersecurity: many agencies continue to rely on aging legacy systems that are difficult to maintain, patch, and secure. Advanced AI vulnerability detection tools could dramatically accelerate the process of identifying and remediating critical security flaws — a potential game-changer for national cyber defense.