News
NASK Becomes First Institution in Region to Gain Access to GPT-5.5 Cyber

NASK, Poland's cybersecurity research institute, and its CERT Polska team have received access to GPT-5.5 Cyber, a specialized OpenAI model variant for malware analysis and vulnerability detection, under the Trusted Access for Cyber program.
NASK, the state research institute responsible for Poland's cybersecurity, has been granted access to GPT-5.5 Cyber - a specialized variant of OpenAI's latest model built for malware analysis and digital forensics. It is the first such case in Central and Eastern Europe.
The Trusted Access for Cyber program is an identity-verification and trust-based mechanism from OpenAI, designed to ensure that advanced offensive-defensive tools reach only vetted security teams - government agencies, critical infrastructure operators, security vendors, cloud platforms and financial institutions. Access to GPT-5.5 Cyber itself remains limited and has so far been reserved mainly for US entities.
Why Poland
The decision to make the tool available to Poland was made by the US administration, which at the same time denied similar access to many other countries on national security grounds. The European Commission had sought comparable permissions for EU institutions, without success. NASK director Dr. Radosław Nielek links the decision to the international reputation the institute has built through its technical work to date.
This reflects the reputation and international recognition we have earned through solid technical work - Dr. Radosław Nielek, director of NASK
Nielek also points to Poland's specific geopolitical position as a factor that accelerated the decision. In an interview, he stressed that the proximity of the ongoing armed conflict translates directly into the scale of threats aimed at Polish systems.
We are a frontline state, war is being waged next to us, and that brings a growing number of attacks - Dr. Radosław Nielek, director of NASK
What the model does in practice
GPT-5.5 Cyber is a variant of GPT-5.5 with extended context and working memory, tuned for code analysis and forensic work. The CERT Polska team, led by Marcin Dudek and responsible for responding to incidents in Polish cyberspace, uses it to analyze malware, conduct digital forensics and detect vulnerabilities in public administration systems, businesses and NASK's own solutions. The model can also link seemingly unrelated flaws into a single attack chain, work that previously took analysts weeks.
Our experts absolutely need access to solutions like this to effectively find and fix vulnerabilities before attackers do - Marcin Dudek, head of CERT Polska
Patching versus exploitation
The key argument for granting access concerns the speed at which criminals can now exploit a newly disclosed vulnerability. After a security patch is published, attackers can analyze it and produce a working exploit within hours, not weeks as was the case until recently. This phenomenon is described as a vulnerability flood, where the number of flaws discovered and rapidly weaponized with AI now exceeds the capacity of traditional defense teams to keep up.
For Polish companies and public institutions, this signals faster patching cycles ahead for systems that NASK will cover in its analysis, including critical infrastructure, where attacks targeting the energy sector, such as the December incident involving wind farms and a power plant, have already shown the scale of the threat.
Broader context
NASK's access to GPT-5.5 Cyber is part of OpenAI's broader Daybreak program, which aims to reverse the current asymmetry of power online in favor of defenders rather than attackers. Poland is among a small group of countries outside the United States included in the program, which experts also link to earlier restrictions imposed by the US administration on foreign access to similar competing tools, including Anthropic's Claude Mythos model.
Sources: Rzeczpospolita (rp.pl), Android.com.pl (android.com.pl), PurePC (purepc.pl)

