Can you discuss further or share more details about trusted access for cybersecurity, especially for individual security researchers or security professionals who don't have any access for their org but at least have paid access?
#Trusted Access for Cyber
hoary light
fiery breachBOT
Hi @hoary light. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
OpenAI’s “Trusted Access for Cyber” is a pilot program that lets certain users retain or gain access to more advanced cybersecurity capabilities (e.g., GPT‑5.3‑Codex) while OpenAI calibrates safeguards and classifiers for general use. [Cyber safety; Trusted access]
From the available docs, here’s what’s specifically stated for individuals vs. orgs:
What Trusted Access for Cyber is
- GPT‑5.3‑Codex is treated as “High cybersecurity capability” under OpenAI’s Preparedness Framework, so extra safeguards apply (safety training + classifier-based monitoring). [Cyber safety]
- Some traffic that looks like high‑risk cyber activity can be automatically rerouted to a less cyber‑capable model (GPT‑5.2) or otherwise mitigated. [Cyber safety]
- Trusted Access is meant to let legitimate cyber work continue with fewer disruptions from these mitigations. [Cyber safety]
How individual researchers / professionals can get it
For individuals (including independent security researchers or professionals), the docs say:
- “Users can verify their identity at chatgpt.com/cyber” to use models for potentially high‑risk cybersecurity work. [Trusted access]
The documentation does not specify:
- Whether you must be on a particular paid tier (e.g., Plus vs. free) to complete this flow.
- Exact review criteria, turnaround times, or what additional capabilities you get beyond reduced rerouting/mitigations.
So all we can say confidently is that identity verification at chatgpt.com/cyber is the documented path for individual users; details beyond that are not described in the sources.
How organizations can get it
For org‑level access:
- “Enterprises can request trusted access for their entire team by default through their OpenAI representative.” [Trusted access]
This implies an enterprise relationship and working with an account rep; there’s no additional public detail in the provided docs.
Additional, more permissive programs
For researchers needing even more capable or permissive models:
- “Security researchers and teams who may need access to even more cyber‑capable or permissive models … can express interest in our invite‑only program” via the linked form. [Trusted access]
Again, the docs don’t describe selection criteria or guarantees of approval.
Ongoing obligations
Even with trusted access:
- Users must still follow OpenAI’s Usage Policies and Terms of Use; trusted access does not permit offensive or abusive use. [Trusted access]
Because the knowledge sources don’t go deeper than this, I can’t provide more specific operational details (e.g., exact capabilities unlocked, rate limits, or how paid vs. free status affects eligibility). For anything beyond what’s above, you’d need to follow the chatgpt.com/cyber flow or, for enterprises, talk to an OpenAI representative.
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
civic isle
What added benefits does Cyber trusted access actually give? Maybe list examples of what can be done
@fiery breach
fiery breachBOT
Let me check the knowledge base for you again. One moment! :books:
Sorry @civic isle, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist:
Perhaps try again in 15mins?
civic isle
@fiery breach I'm verified and was generally curious but no worries
fiery breachBOT
Let me check the knowledge base for you again. One moment! :books:
Understood. Based on the docs we have, there isn’t any additional, more detailed description of what you get after you’re verified beyond:
- You can use models for “potentially high‑risk cybersecurity work” under the Trusted Access for Cyber pilot. [Trusted access]
- You still have to follow the standard Usage Policies and Terms of Use. [Trusted access]
The sources don’t break down finer‑grained differences between already‑verified individuals (like you) or give extra technical details about capabilities, limits, or review processes beyond that.
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
civic isle
@fiery breach Okay, I will ask GPT 5.3 when I get chance , I haven't had time to use it yet, thank-you for your assistance
fiery breachBOT
Let me check the knowledge base for you again. One moment! :books:
You’re welcome — and since you’re already verified, you should be well‑positioned to explore the more advanced cyber use cases once you have time.
From the docs we have, GPT‑5.3 Instant is now the default ChatGPT model for logged‑in users, with GPT‑5.4 Thinking/Pro available on higher tiers, so when you come back you’ll likely be using GPT‑5.3 by default in ChatGPT unless you manually pick something else. [GPT‑5.3/5.4 in ChatGPT]
If you later run into anything that looks like unexpected blocking or rerouting on cyber tasks, that’s usually the safety systems around high‑capability models like GPT‑5.3‑Codex, plus the Trusted Access for Cyber pilot you’re already in. [Cyber safety]