OpenAI and Anthropic Are Splitting on Who Gets Cyber-Model Access

Written by Ty Sutherland in AI and Society

Dark abstract cybersecurity visualization, illustrating the OpenAI-Anthropic split on EU cyber model access

Table of Contents

OpenAI and Anthropic agree on most things. They disagree on the same things in roughly the same way most of the time. On the question of who gets access to a model that can find software vulnerabilities at industrial scale, they have diverged publicly for the first time. On May 11, OpenAI announced it would give the European Union access to GPT-5.5-Cyber — a cybersecurity-specialized variant of its frontier model — extending the deal to European businesses, governments, cyber authorities, and the EU AI Office. Anthropic, on the same date, is still declining to give the EU access to Mythos, the same model that Anthropic’s broader agent safety work exists to constrain, its own cyber-capable model.

The split is the story. Both labs have models that can do meaningful offensive cyber work. They are making opposite choices about who gets to use those models, and the choices reveal different theories about what frontier labs owe regulators, defenders, and the public.

What Actually Happened on May 11

OpenAI confirmed on Monday May 11 that it is granting the EU access to GPT-5.5-Cyber, the cyber-specialized variant of GPT-5.5. Access extends to European businesses, governments, cybersecurity authorities, and EU institutions including the EU AI Office. The rollout began the prior week in limited preview to vetted cybersecurity teams.

On the same day, EU officials confirmed Anthropic is still not extending Mythos access to the bloc. Mythos shipped a month ago through Project Glasswing, a controlled-access program covering roughly 40 organizations — Apple, Amazon, JPMorgan Chase, Palo Alto Networks, and others — but the EU is not on the list. EU Commission officials have had four or five meetings with Anthropic on the topic. The discussions are described as “not yet at the same stage” as the OpenAI arrangement.

The OpenAI EU Deal

The OpenAI arrangement gives the EU something other governments do not have: a frontier cyber-capable model accessible to vetted institutional users for defensive work. Hospitals, energy utilities, payment processors, and the EU AI Office can theoretically run GPT-5.5-Cyber against their own infrastructure to find vulnerabilities before adversaries do. The defensive-equities argument for the deal is straightforward.

What the deal signals about OpenAI’s broader posture matters more than the specific access. OpenAI is positioning itself as a model lab that engages directly with major regulatory blocs on cyber-model access. That posture trades off against the alternative — keeping the strongest cyber capabilities entirely in-house and restricting access to a small set of US allies. By going the engagement route, OpenAI gets regulatory credibility in Europe at a cost of giving a non-US bloc direct access to the model.

Why Anthropic Is Holding Mythos Back

Anthropic’s position is structurally different. Mythos has been distributed through Project Glasswing to a curated set of approximately 40 organizations chosen specifically for their defensive cybersecurity expertise. The criteria appear to weight technical capability over governmental status — Apple and Palo Alto Networks are on the list; the EU AI Office is not.

The internal logic, based on what Anthropic has said publicly: Mythos can find and exploit critical software vulnerabilities at a scale that makes public release too dangerous. The Project Glasswing model lets a small set of organizations with the operational capability to use the findings safely actually use them. Broadening access to a regulatory body, even one with security-cleared staff, dilutes that operational filter without obviously improving defensive outcomes — because the EU AI Office is not in the business of finding zero-days in production systems, it is in the business of writing rules about who finds them.

Whether this argument holds up depends on what Anthropic actually believes about EU staff capability and on whether the company sees regulatory engagement as worth the access tradeoff. The four or five meetings suggest the discussion is ongoing rather than closed.

The Two Different Safety Models

Both labs are running coherent positions. They are not the same position.

OpenAI: access widens by tier of vetting. Vetted cybersecurity teams first. Then governmental institutions. Then commercial buyers under contract. The trust model assumes regulatory institutions can be trusted with frontier capability and that broadening access expands defensive use of the model faster than offensive use grows.

Anthropic: access widens only to organizations with proven operational capability to use the model safely. The trust model assumes that regulatory institutions and operational capability are different categories, and that limiting access to organizations that can actually run a vulnerability research program is the conservative choice regardless of governmental status.

Both positions are defensible. Both have failure modes. The OpenAI mode fails if a vetted institutional user gets compromised and the model leaks. The Anthropic mode fails if the curated 40 organizations are insufficient to actually find vulnerabilities at the scale needed for defensive work, and if Mythos sits idle while real-world adversaries find the same vulnerabilities with less capable tooling.

What the EU Position Tells You

The EU’s interest in cyber-model access is straightforward: Europe runs a substantial fraction of the world’s critical infrastructure, the cyber threat environment includes nation-state adversaries, and the EU AI Office wants direct technical understanding of capabilities that affect the bloc’s security posture.

What the EU is signaling by accepting OpenAI’s offer while still negotiating with Anthropic: the willingness of a frontier lab to engage with regulators is itself a meaningful factor in regulatory standing. OpenAI gets credit for being available. Anthropic faces ongoing pressure to either match the offer or articulate publicly why their position holds. The political asymmetry is real.

For other regulatory blocs — UK, India, Japan, Australia — the precedent set by the OpenAI EU deal will shape what they ask for next. Expect parallel access requests from at least three major non-US jurisdictions in the second half of 2026.

What This Changes for Cybersecurity Buyers

For enterprise cybersecurity teams, the practical implication depends on jurisdiction.

European buyers gain access to GPT-5.5-Cyber as a defensive tool through the EU institutional framework. Expect indirect access through partnerships with EU AI Office programs, through national CERTs, and through European cybersecurity vendors that integrate the model. The path to GPT-5.5-Cyber for a European security buyer goes through institutional intermediaries rather than direct API access.

US buyers can access GPT-5.5-Cyber directly through OpenAI’s tiered enterprise programs and indirectly through Project Glasswing-style arrangements with Anthropic. The access posture is more flexible but the regulatory framing is less developed.

Skip the topic if your cybersecurity work does not involve actively searching for vulnerabilities. Cyber-capable models are tools for offensive-security teams (red team, threat intel, vulnerability research) and for the defensive teams that respond to what red teams find. For most enterprise security work — security operations, incident response, identity management — the standard frontier models without cyber specialization are sufficient.

FAQ

What is GPT-5.5-Cyber?
A cybersecurity-specialized variant of OpenAI’s GPT-5.5 frontier model, designed to assist with defensive cyber work including vulnerability research and threat intelligence. Released under tiered access controls — vetted cybersecurity teams first, then institutional users including the EU AI Office.

Why is Anthropic not giving the EU access to Mythos?
Anthropic has limited Mythos access to approximately 40 organizations under Project Glasswing, selected for their operational capability to use the model’s findings safely. The EU has had multiple meetings with Anthropic but discussions are not at the same stage as the OpenAI arrangement. Anthropic considers full public release too risky because of the scale of cyberattacks the model could enable.

What is Project Glasswing?
Anthropic’s controlled-access program for Mythos. Includes roughly 40 organizations such as Apple, Amazon, JPMorgan Chase, and Palo Alto Networks. The program tests defensive use of the model in production-scale environments without broader public access.

Are these models dangerous?
Both GPT-5.5-Cyber and Mythos can perform offensive-security work at a scale that would be difficult without them. The labs’ position is that defensive use by vetted organizations is net positive; the risk is that the access controls fail. Mythos in particular has been reported to find thousands of zero-day vulnerabilities in testing.

Will other countries get similar access?
Likely. The OpenAI EU deal is the first major precedent for cyber-model access by a non-US regulatory bloc. Expect parallel requests from the UK, India, Japan, and Australia in the second half of 2026.

How does this affect normal enterprise cybersecurity?
For most enterprise security work, the standard frontier models without cyber specialization remain sufficient. The cyber-capable variants are tools for offensive-security teams and the defensive teams that respond to their findings. Buyers outside that specific use case do not need access to GPT-5.5-Cyber or Mythos.

Ty Sutherland

Ty Sutherland is the Chief Editor of AI Rising Trends. Living in what he believes to be the most transformative era in history, Ty is deeply captivated by the boundless potential of emerging technologies like the metaverse and artificial intelligence. He envisions a future where these innovations seamlessly enhance every facet of human existence. With a fervent desire to champion the adoption of AI for humanity's collective betterment, Ty emphasizes the urgency of integrating AI into our professional and personal spheres, cautioning against the risk of obsolescence for those who lag behind. "Airising Trends" stands as a testament to his mission, dedicated to spotlighting the latest in AI advancements and offering guidance on harnessing these tools to elevate one's life.

Recent Posts