OpenAI launched Daybreak on Tuesday, a cybersecurity initiative that combines its GPT-5.5 models with Codex security to help organizations identify, patch, and validate software vulnerabilities.

The program automates workflows including threat modeling and remediation, marking OpenAI's direct response to Anthropic's Project Glasswing in the competitive AI cybersecurity market.

Daybreak addresses enterprise concerns about AI models uncovering vulnerabilities that organizations cannot fix. This worry has intensified following recent incidents where threat actors used AI to develop zero-day vulnerabilities, leaving cybersecurity teams with no time to implement fixes.

"Security is under the spotlight," said Gal Malachi, co-founder and CTO of Terra Security. "What OpenAI did is a good step forward because they're not just giving you a bigger brain, they also give you a harness around that that allows you actually to have an orchestration around and handle vulnerabilities."

Limited Scope Remains a Challenge

However, cybersecurity experts note that Daybreak does not fully address current threats facing the industry. Malachi explained that both Daybreak and Anthropic's Mythos focus primarily on code analysis because code represents the most common application for generative AI.

"A lot of things happen until code reaches production," Malachi said, referring to the gap between development and deployment phases. "Preproduction is one thing, and yes, you can see some vulnerabilities or potential vulnerabilities in the code, but still, good LLMs produce a lot of false positives."

The challenge extends beyond static code analysis. Production environments present risks that cannot be detected through code review alone, particularly when LLMs generate responses in real-time.

"We also need to understand how systems run in production; perhaps there are a lot of things that you don't see from the code," Malachi added.

The cybersecurity community continues demanding solutions beyond code-based tools as enterprises grapple with AI-generated vulnerabilities in live systems.

Malachi advised that enterprises should approach initiatives like Daybreak with caution, ensuring they have appropriate tools and guardrails in place before implementation.