AI/ML , AI benefits/risks OpenAI Daybreak joins growing movement of AI-driven vulnerability discovery May 14, 2026 Share By Laura French (Credit: Andrii Lysenko – stock.adobe.com) This week, OpenAI announced Daybreak , a new project that aims to “make software resilient by design” by leveraging its latest GPT models, Codex Security agent and security industry partnerships. The program is said to combine “secure code review, threat modeling, patch validation, dependency risk analysis, detection and remediation guidance” and embed these AI-driven processes into development workflows to secure software earlier. While not a new model, Daybreak is designed to enhance the application of OpenAI’s GPT-5.5 model in conjunction with Codex Security as an agentic harness to find and fix vulnerabilities, prioritize high-impact issues, build threat models based on code repositories and investigate logs for signs of vulnerability exploit attempts, the company said. Tiered access to increasingly cyber-capable versions of GPT-5.5 is intended to prevent misuse by cyber threat actors, with GPT-5.5 with Trusted Access for Cyber enabling “most defensive security workflows” for verified cyber professionals and GPT-5.5-Cyber being the most permissive tier for specialized workflows such as AI-powered red teaming. The announcement comes as AI-powered vulnerability discovery is rapidly gaining momentum, largely due to the release of Anthropic’s Claude Mythos Preview last month. The growing movement has been met with both enthusiasm about AI’s ability to find and patch flaws faster than ever, and anxiety about an overwhelming influx in CVEs and the potential misuse of these capabilities by cyber threat actors . Related reading: The vulnerability flood is here. Patching won’t save you. Lesson from Mythos Preview: double-down on the fundamentals What Claude Mythos signals for AI security’s future “Medium- and low-severity CVEs, complicated exploit chains or obscure application vulnerabilities often escaped attention because they were difficult, time-consuming or simply not worth pursuing. That assumption doesn’t hold in a world of agentic vulnerability discovery,” Protegrity Senior Product Security Architect Clyde Williamson noted in comments to SC Media. How organizations can keep up in the Mythos/Daybreak era and beyond Early adopters of Daybreak told SC Media that recent breakthroughs in AI cyber capability should encourage organizations to think about their attack resilience as a whole, beyond just the patch cycle. “The window between vulnerability discovery and exploitation is compressing, and the fundamentals have never mattered more: phishing-resistant MFA, Zero Trust, least privilege — now explicitly including AI agents operating inside your environment — and full asset visibility. Organizations that haven’t locked down the basics won’t outrun an AI-enabled attacker by layering on new tools,” said Omar Santos, distinguished engineer, AI security engineering at Cisco. Cisco, in addition to joining Daybreak, is also a participant in Anthropic’s Project Glasswing , which granted access to Claude Mythos Preview only to a select group of technology, security and critical infrastructure organizations. On Tuesday, Cisco released its own open-source and model-agnostic framework for agentic security evaluation, called Foundry Security Spec . “At Cisco, we’ve used frontier models to find vulnerabilities in our own products, turned those lessons into open rules that AI coding agents enforce in real time, and shared an open-source framework publicly through the Foundry Security Spec and Project CodeGuard , because this can’t be a proprietary advantage, it has to raise the floor for everyone,” Santos said. Another Project Glasswing and Daybreak partner is CrowdStrike, which is leveraging models from Anthropic and OpenAI to enable customers to build custom security agents through its Charlotte AI AgentWorks Ecosystem . CrowdStrike SVP and Head of Counter Adversary Operations Adam Meyers told SC Media that while AI tools will increase the pace of vulnerability discovery, “a zero day is at the start of the story, not the end of it.” “Even if a frontier model finds a vulnerability, the adversary still has to move laterally, escalate privilege, and accomplish their objective. The principles have not changed, but the clock is moving faster,” Meyers said. “Organizations need to prioritize visibility, treat identity as a first line of defense, patch what adversaries are actively exploiting first, and leverage threat hunting to stay ahead of the adversary.” HackerOne Chief Product Officer Nidhi Aggarwal told SC Media that Mythos and Daybreak prove that “AI-driven offensive security is going mainstream,” but identified two bottlenecks the industry will need to overcome as the technology continues to evolve. First, enterprises will need the necessary frameworks — beyond just the frontier models and agents themselves — to effectively and securely apply these tools, including “coping, access controls, evaluation pipelines, and integration with existing workflows,” Aggarwal said. Second, Aggarwal said robust processes are needed to properly validate and disclose AI-discovered vulnerabilities, “separating real, exploitable findings from noise, prioritizing them by actual business impact, and getting them to the right owners fast enough to matter.” “AI accelerates discovery; human ingenuity, continuous validation, and adversarial expertise are what turn that discovery into reduced risk. The organizations that embrace agentic continuous security, paired with the independent adversarial expertise to validate it and the remediation infrastructure to act on it, will reach a more mature security posture first,” Aggarwal concluded. In addition to announcements from OpenAI and Cisco this week, Microsoft announced on Tuesday that its new multi-model agentic scanning harness (MDASH) was used by its Autonomous Code Security (ACS) team to discover 16 vulnerabilities included in Patch Tuesday security updates for April and May. MDASH orchestrates more than 100 agents to discover and validate exploitable flaws and aided in the discovery of four critical remote code execution (RCE) flaws including CVE-2026-33827 in Windows TCP/IP, CVE-2026-33824 in the Windows IKE Extension and CVE-2026-41089 in Windows Netlogon. An In-Depth Guide to AI Get essential knowledge and practical strategies to use AI to better your security program. Learn More Laura French Related Managed Security Services The CISO shortage: Finding leadership without a leader Paul Wagenseil May 13, 2026 Thanks to AI, full-time CISO services may become available to firms that can't afford a full-time CISO. AI/ML Anthropic’s AI finds one low-severity vulnerability in heavily audited curl codebase SC Staff May 13, 2026 Daniel Stenberg, the creator of curl, reviewed a Mythos analysis of 176,000 lines of C code, which claimed to have found five "confirmed" vulnerabilities. AI/ML Grego AI launches with AI-powered vulnerability detection SC Staff May 13, 2026 The company's method, called Deep Invariant Analysis, scans entire codebases to map module and dependency connections. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds