On Monday, OpenAI announced something called “Daybreak,” a project that CEO Sam Altman says is meant to “accelerate cyber defense and continuously secure software.“
OpenAI is launching Daybreak, our effort to accelerate cyber defense and continuously secure software.
AI is already good and about to get super good at cybersecurity; we’d like to start working with as many companies as possible now to help them continuously secure themselves.
— Sam Altman (@sama) May 11, 2026
The OpenAI blog post announcing Daybreak doesn’t mention the word “project” at all, perhaps to make readers slightly less apt to compare it to Anthropic’s Project Glasswing, but watch this: this sounds mighty similar to Anthropic’s Project Glasswing. Like Project Glasswing, it’s a program in which a frontier AI company seeks to partner with corporate and government entities to root out security vulnerabilities using OpenAI’s most advanced models in the hopes of “seeing risk earlier, acting sooner, and helping make software resilient by design.”
Glasswing rolled out last month alongside Anthropic’s announcement of its Claude Mythos Preview model, famously the model so capable—according to its creators at least—that it posed a danger to the world. As Anthropic’s system card for the model, explained:
Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available. Instead, we are using it as part of a defensive cybersecurity program with a limited set of partners.
In other words, because it’s “the most cyber-capable model” Anthropic had ever built, it needs to be locked away for now, unless you’re a VIP. Influential software developer Daniel Stenberg has called this an “amazingly successful marketing stunt for sure.”
Two days after that announcement, reports started materializing about a similar project at OpenAI. An anonymously sourced Axios story described it as “a product with advanced cybersecurity capabilities that it plans to release to a small set of partners.”
The Daybreak announcement is much more public-facing than that, and comes across as significantly less ominous and secretive than Project Glasswing. The top of the page has two buttons: “Request a vulnerability scan” and “Contact sales.” When you click, “Request a vulnerability scan” you get a brief and unchallenging form:
Altman said in his X post that OpenAI would “like to start working with as many companies as possible now,” and in fairness, that’s how the effort comes across. Compared to way Project Glasswing rolled out, with frightened governments scurrying around behind the scenes like agitated ants, it’s refreshing.
The announcement says Daybreak makes use of Codex Security, which was announced as a research preview back in March, to create a “threat model” of a given system that outlines its functions, who is trusted by the system, and what the vulnerabilities therefore are. With that as its context, it then digs into your actual codebase for the real world exploits.
Then, in theory, it Daybreak patches them.
