After Sam Altman called Anthropic's decision to restrict access to Mythos "fear-based marketing," OpenAI is now doing the exact same thing. Altman confirmed that OpenAI will roll out GPT-5.5 Cyber only to verified cybersecurity defenders — using an application process nearly identical to the approach Anthropic took with Mythos. The reversal is one of the most striking examples of how quickly competitive criticism evaporates when a company faces the same dilemma itself.
What GPT-5.5 Cyber Does
The restricted tool can perform penetration testing, vulnerability identification and exploitation, and malware reverse engineering. It is designed as a defensive toolkit that helps companies find security holes and test their defenses. The concern is that the same capabilities could be weaponized by attackers.
OpenAI has created a program called Trusted Access for Cyber, or TAC. Applicants must submit their credentials and describe their planned use. The program is tiered: verified defenders get access to more permissive models with fewer safety guardrails. TAC has scaled to thousands of verified defenders and hundreds of teams protecting critical software.
GPT-5.5 Cyber will roll out to critical defenders in the coming days. A broader rollout depends on the US government consultation and ongoing credential verification.
The Hypocrisy Problem
The timing is hard to ignore. When Anthropic restricted Mythos to select enterprise customers and government agencies, Altman publicly criticized the approach. He called it fear-based marketing designed to create artificial scarcity around what he characterized as a product positioning play rather than a genuine safety measure.
Some industry critics agreed with Altman at the time, arguing that Anthropic was overblowing the danger to generate press coverage and premium contracts. An unauthorized group later gained access to Mythos through a vendor breach, further questioning whether restricted distribution was even technically enforceable.
Now OpenAI is adopting nearly the identical approach. The application process. The credential verification. The tiered access. The government consultation. The language about responsible deployment. The only meaningful difference is that Altman spent weeks mocking Anthropic for it first.
Why OpenAI Changed Its Mind
The most likely explanation is simple: OpenAI tested GPT-5.5 Cyber internally and discovered exactly what Anthropic discovered with Mythos. The cybersecurity capabilities of frontier AI models have reached a level where unrestricted access creates genuine risk.
A model that can perform penetration testing and malware reverse engineering is, by definition, a model that can attack systems as easily as it defends them. The skills are identical — the only difference is intent. And once a model is publicly available, the deployer has no control over intent.
This is the same conclusion Anthropic reached months ago. The fact that OpenAI arrived at it independently — after publicly rejecting it — suggests the safety concern is real rather than manufactured.
What It Means for the AI Industry
The convergence between OpenAI and Anthropic on restricted access is significant. The two companies have taken fundamentally different approaches to AI safety and government engagement. Anthropic refused to give the Pentagon unrestricted access. OpenAI signed a military deal. Google and xAI followed OpenAI into the Pentagon.
But on cybersecurity tools specifically, both companies have now concluded that open access is too dangerous. That consensus — reached independently by rivals who disagree on almost everything else — may be the strongest signal yet that frontier AI capabilities are entering territory where unrestricted deployment creates unacceptable risk.
For enterprise customers evaluating AI cybersecurity tools, the restricted access model is becoming the norm rather than the exception. Whether that approach survives contact with market pressure — or whether competitors undercut it by offering similar capabilities without guardrails — will define how the industry handles the next generation of dangerous AI tools.
For Altman personally, the reversal is an uncomfortable reminder that criticism of a competitor's approach looks different when you are the one making the same decision. The fear-based marketing he mocked turned out to be responsible deployment he adopted.
