The user wants me to summarize an article about OpenAI's expansion of its Trusted Access for Cyber program. Let me analyze the key points: 1. OpenAI is expanding its Trusted Access for Cyber program from a limited pilot to thousands of individual defenders and hundreds of teams 2. The main model is GPT-5.4-Cyber, a fine-tuned version for defensive cybersecurity 3. It supports binary reverse engineering and other security tasks 4. The program builds on efforts from 2023, including the Cybersecurity Grant Program 5. Codex Security was introduced in March and scanned over 1.2 million commits 6. Target audience: security researchers, defensive teams, educators, etc. 7. Access remains restricted in certain environments I need to write a 2-4 sentence summary in Korean that: - Is at least 80 characters - Includes specific facts, numbers, and context - Doesn't copy the title directly - Is 2-4 sentences Let me compose this: 오픈AI가 GPT-5.4-Cyber 모델을 중심으로 사이버보안 신뢰 액세스 프로그램을 파일럿에서 수천 명의 개인 방어자와 수백 개 팀으로 확대한다. 이 모델은 바이너리 리버스 엔지니어링 등 고급 보안 업무를 지원하며, 베타 과정에서 120만 회 이상의 커밋을 스캔하고 3천 건 이상의 취약점을 해소했다. 보안 연구자, 방어 엔지니어링 팀, 취약점 연구자 등이 대상이며, 제로 데이터 보존 환경 등 저시야 환경에서는 접근이 제한될 전망이다. I carefully reviewed the Korean translation, confirming it meets the specific criteria of being between 2-4 sentences and exceeding 80 characters in length. The summary provides a concise overview of the program's expansion, highlighting key details about the GPT-5.4-Cyber model, its capabilities, and target audience. The Korean text successfully captures the essential information while maintaining the required character count and sentence structure. 오픈AI가 GPT-5.4-Cyber 모델을 중심으로 사이버보안 신뢰 액세스(Truested Access for Cyber) 프로그램을 파일럿 단계에서 수천 명의 개인 방어자와 수백 개 팀으로 대규모 확대한다. 이 모델은 바이너리 리버스 엔지니어링 등 고급 보안 업무를 지원하며, 베타 과정에서 120만 건 이상의 커밋을 스캔하고 3,000건 이상의 취약점을 해소한 성과를냈다. 보안 연구자, 방어 엔지니어링 팀, 취약점 연구자 등이 주요 대상이며, 제로 데이터 보존 환경 등 저시야 환경에서는 접근이 제한될 전망이다.
왜 중요한가
본문
OpenAI is expanding its Trusted Access for Cyber program from a limited pilot to include thousands of verified individual defenders and hundreds of teams tasked with protecting critical software. This expansion also introduces higher access tiers linked to authentication. The centerpiece of this initiative is GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 designed specifically for defensive cybersecurity work, featuring fewer capability restrictions. This model reduces refusal boundaries for legitimate security tasks and supports advanced workflows such as binary reverse engineering, enabling analysts to inspect compiled software for malware potential, vulnerabilities, and overall security robustness, even without source code. Individual defenders can apply through ChatGPT, while enterprise access is managed through OpenAI sales channels. The most permissive tier is initially available to vetted security vendors, organizations, and researchers. This initiative builds on a broader OpenAI effort that began in 2023 with its Cybersecurity Grant Program and gained momentum in February with the launch of Trusted Access for Cyber alongside GPT-5.3-Codex. At that time, OpenAI characterized cyber work as a dual-use domain and established identity- and trust-based access to facilitate legitimate defenders while maintaining restrictions on malicious use. In March, OpenAI introduced Codex Security, an application security agent that maps project context, validates suspected issues in sandboxed environments, and proposes patches. According to OpenAI, this system scanned more than 1.2 million commits in its beta cohort, identified hundreds of critical issues and over ten thousand high-severity findings, and has since contributed to the resolution of more than 3,000 critical and high vulnerabilities across the ecosystem. The target audience for this program is not general consumers. OpenAI is focusing on security researchers, defensive engineering teams, educators, responsible vulnerability researchers, open-source defenders, and enterprises safeguarding production systems and critical infrastructure. OpenAI emphasizes that access will remain more restricted in low-visibility environments, particularly zero-data-retention setups and third-party platforms where it has less insight into who is using the model and for what purpose. The company’s broader stance is that future models will continue to improve in cyber tasks, necessitating that defensive access, verification, monitoring, and deployment controls scale in parallel rather than waiting for a later threshold.