With its latest AI model, OpenAI bolstered not only agentic AI capabilities for software developers but also cybersecurity capabilities, cautioning that the model not only hardens security features but also addresses the threats that such advanced models can pose.
In announcing the release of GPT‑5.2-Codex, the company wrote that it “has stronger cybersecurity capabilities than any model we’ve released so far. These advances can help strengthen cybersecurity at scale, but they also raise new dual-use risks that require careful deployment.”
That dual nature of AI when it comes to cybersecurity – that increasingly capable models from OpenAI and other vendors can be used both by security teams and service providers to strengthen security protections but also by threat actors to launch even more dangerous attacks – is something that the AI company warned about earlier this month.
Writing about the need to strengthen security capabilities in models, the company noted that in its planning and evaluation, it was pushing to ensure it can reach “high” levels of cybersecurity capabilities, as ranked in OpenAI’s Preparedness Framework, which was updated earlier this year.
“By this, we mean models that can either develop working zero-day remote exploits against well-defended systems, or meaningfully assist with complex, stealthy enterprise or industrial intrusion operations aimed at real-world effects,” the company wrote. “Like other dual-use domains, defensive and offensive cyber workflows often rely on the same underlying knowledge and techniques. We are investing in safeguards to help ensure these powerful capabilities primarily benefit defensive uses and limit uplift for malicious purposes.”
Claude, a Case in Point
The threat posed by the advances of AI has been talked about for years, though the voices have gotten louder in the new era of generative AI and, now, AI agents. The concern was brought into sharp relief last month, when Anthropic reported that China-linked bad actors used the agentic AI coding tool in its Claude AI model to automate as much as 90% of the work needed to run their campaign, with human intervention necessary in only four to six steps.
“At the peak of its attack, the AI made thousands of requests, often multiple per second – an attack speed that would have been, for human hackers, simply impossible to match,” Anthropic researchers wrote in a blog post. “The cybersecurity community can expect these sorts of AI-driven attacks – using not only Claude but AI models from other vendors – to expand as attackers become more adept at using the agentic capabilities that are being developed. The barriers to performing sophisticated cyberattacks have dropped substantially – and we predict that they’ll continue to do so.”
No Surprise
No one should be surprised by how aggressively threat actors are using AI to develop and run their campaigns, Rob Enderle, principal analyst with The Enderle Group, told MSSP Alert.
“As your dependence on any tool increases, the risks connected to that tool breaking or doing something unintended increase as well,” Enderle said. “AI is a tool that is created by training it on massive amounts of data. Curating and assuring the quality of massive complex data sets has always been, and will always be, problematic. The more dependent on the tool, and the more powerful the tool, the greater the chance that the tool will be misused or become corrupted over time, resulting in an undesired outcome.”
Adding to the problem is that it is always difficult for the cybersecurity industry to keep pace with the advances cybercriminals make in their use of new and powerful technologies.
“The attacker only has to get it right once; the defender has to get it right every single time, making defense massively more difficult to do well than offense, which typically puts cybersecurity defenders on their back foot,” he said. “The goal is to create platforms that are secure enough so that the work to compromise them isn’t worth the potential results.”
Improving Security Capabilities
OpenAI wrote that the cybersecurity capabilities in its models have grown quickly, pointing out that the abilities of GPT-5 in capture-the-flag challenges – used to simulate real-life cyberattacks – hit 27% proficiency in August, while GPT-5.1-Codex-Max reached 76% three months later. GPT-5.2 and GPT-5.2-Codex both surpassed that this month, according to the company.
The vendor pointed to a real-world case, in which Andrew MacPherson, a security engineer with Privy – a company that provides wallet infrastructure and user authentication for Web3 developers – used GPT-5.1-Codex-Max to dig deeper into the high-profile React2Shell vulnerability, tracked as CVE-2025-55182. MacPherson’s work with OpenAI’s model led to the discovery of previously unknown security flaws in React Server Components.
With the latest model, OpenAI said it also is creating a trusted access pilot program, giving vetted security experts and organizations “access to our most capable models for defensive use-cases to enable legitimate dual-use work.” It will allow them to work with models that have fewer restrictions than are found in public versions.
Companies Look to MSSPs, MSPs
In the middle of this escalating AI arms race are MSSPs, MSPs, and other service providers. Enterprises and SMBs understand that AI can enhance both their defenses and their adversaries’ cyber campaigns. In a recent report, startup 11:11 Systems found that 74% of respondents say using AI in their own business could open them up to more attacks, and 66% fear AI will make it easier for hackers to attack their infrastructure and target employees. In addition, 45% said they’ve been hit by an AI-driven phishing attack.
Organizations – in particular, SMBs – are increasingly turning to MSSPs and MSPs to augment their security defenses and, at times, to completely run their security functions. This is driven by such trends as the increasing number and sophistication of attacks, the expanding costs of complex security measures, and a lack of in-house expertise.
AI will grow that dependency. MSSPs need to focus “more on quality and core AI skills so that their customers can depend on them to advise on and help execute AI strategies that achieve their intended goals without increasing related risks,” Enderle said.