OpenAI has released an upgraded version of its coding model, GPT-5.2-Codex, designed to handle complex software engineering tasks with improved cybersecurity features. This new iteration builds on the capabilities of GPT-5.2 and is optimized for “agentic” use cases – where AI autonomously manages long-term coding projects. The improvements matter because as AI gets better at coding, it also becomes a more powerful tool for both attack and defense in cybersecurity.

Enhanced Cybersecurity Capabilities

GPT-5.2-Codex is marketed as OpenAI’s most advanced model yet for cybersecurity work. The company tested it against industry benchmarks, including Capture-the-Flag (CTF) challenges, CVE-Bench (vulnerability discovery), and Cyber Range simulations.

  • CTF Evals: The model achieved top performance, attributed to “compaction” – its ability to maintain coherent operation across multiple long context windows.
  • CVE-Bench: It scored 87%, outperforming previous models. Performance at this level can accelerate the brute-force approach to finding vulnerabilities.
  • Cyber Range: The model achieved a 72.7% pass rate, slightly lower than GPT-5.1-Codex-Max’s 81.8%.

OpenAI recognizes the dual-use nature of these capabilities: the same AI that can identify flaws can also exploit them. To mitigate risks, the company is piloting a “trusted access” program for vetted cybersecurity professionals, allowing them to test the model’s full potential without restrictions. This approach acknowledges that defensive security requires tools with similar capabilities to those used by attackers.

Agentic Coding and Long-Horizon Work

A key advancement in GPT-5.2-Codex is its ability to handle large-scale software refactoring, migrations, and feature builds over extended periods. The “compaction” feature ensures the model retains context even during complex, multi-stage projects. This is critical for enterprises that rely on AI to automate or accelerate software development, as it reduces the risk of errors or loss of progress.

OpenAI highlights a real-world example: a security researcher using GPT-5.1-Codex-Max discovered a vulnerability in React code, demonstrating the model’s potential for vulnerability research. The company is now working to balance accessibility with safety, recognizing that restricting AI capabilities too much can hinder defensive cybersecurity efforts.

Controlled Access and Future Deployment

Currently, GPT-5.2-Codex is available to paid ChatGPT users. OpenAI plans to roll out API access in the coming weeks, with a phased approach that prioritizes safety. The trusted access pilot program will provide select users with more permissive models for defensive cybersecurity work, while OpenAI continues to evaluate the risks.

“Security teams can run into restrictions when attempting to emulate threat actors… We are developing a trusted access pilot to remove that friction for qualifying users.”

OpenAI’s approach reflects a growing recognition that controlling AI development is not just about preventing misuse but also about enabling responsible security research and defense. The company’s Preparedness Framework will continue to guide deployment decisions as models become more powerful.

GPT-5.2-Codex represents a significant step forward in AI-assisted software engineering, but its true impact will depend on how OpenAI manages the trade-offs between innovation and security. The model’s ability to handle long-term, complex tasks with improved cybersecurity features positions it as a valuable tool for enterprises, provided its deployment remains carefully controlled.