Sunday, July 12, 2026

News

Poland Becomes Third European Country With Access to GPT-5.5 Cyber

PolandPatryk Raba
Fot. Adrian Grycuk, Wikimedia Commons (CC BY-SA 3.0 pl)

NASK and CERT Polska have received access from OpenAI to GPT-5.5 Cyber, a specialized model meant to speed up vulnerability detection and patching across Poland's public administration systems.

Contents
  1. What the Model Can Do
  2. Who Is Behind the Rollout
  3. Vendor Rivalry
  4. What It Means for Poland

NASK has joined a small group of institutions worldwide granted access to GPT-5.5 Cyber, a specialized OpenAI model built for vulnerability detection, malware analysis, and preparing security patches. Poland is the first country in Central and Eastern Europe, and the third in Europe overall, to gain access to the tool, which will be used by the CERT Polska team.

OpenAI's decision to grant Poland access to GPT-5.5 Cyber was made under the Trusted Access for Cyber program, aimed at trusted government institutions and incident response teams. It is part of the broader Daybreak platform, which OpenAI is developing to help defend critical digital infrastructure. Until now, similar access had mainly gone to partners from Five Eyes alliance countries, namely the United States, the United Kingdom, Canada, Australia, and New Zealand.

What the Model Can Do

GPT-5.5 Cyber is a variant of OpenAI's model adapted for code analysis and digital forensics, with an expanded context window and extended working memory. In practice, this means it can search massive codebases for vulnerabilities, analyze malware samples, and help experts assess the impact of threats and prepare fixes. The model does not replace analysts, but is meant to cut the time these tasks take from weeks or months down to a matter of hours.

The same capability that helps a defender find a vulnerability and prepare a fix could, in theory, also help an attacker. That is why access to the tool is tightly restricted, and decisions on how to act on its findings are always made by a human, not the system itself.

This recognition was earned through solid, substantive work - Dr. Radosław Nielek, director of NASK
Detecting vulnerabilities used to take weeks or months, today it can be a matter of hours - Joanna Chmielak, Fortinet representative

Who Is Behind the Rollout

Practical use of the tool will fall to the CERT Polska team, which has handled network security incidents in Poland since 1996 and operates within NASK, a state research institute. Team head Marcin Dudek stressed that CERT Polska's experts urgently need access to tools like this to keep pace with how quickly attackers exploit newly discovered vulnerabilities.

Vendor Rivalry

Poland's access to GPT-5.5 Cyber fits into a broader trend of major AI labs competing to become governments' partner of choice in cyberdefense. Anthropic is developing a competing security model under its own Project Glasswing program, which it offers to select public institutions. Both approaches rest on the same premise: language models that can read and analyze code faster than a human team could become a key element in defending critical infrastructure against attacks.

What It Means for Poland

For Poland's public administration, access to GPT-5.5 Cyber represents a real opportunity to patch vulnerabilities in government systems faster, before they can be exploited by cybercriminals or groups linked to foreign states. Poland has for years been among the EU countries most frequently targeted in cyberspace, in part due to its support for Ukraine, so faster access to offensive vulnerability-analysis tools could meaningfully improve the resilience of national systems.

Experts note, however, that tools of this kind require precise procedural safeguards, since the same capabilities could be used to prepare an attack if access fell into the wrong hands. NASK says use of the model is subject to strict controls, and that all decisions on remedial action are made by people, not the algorithm.

The coming months will show whether access to GPT-5.5 Cyber translates into a real change in Poland's incident statistics, and whether similar tools will reach other institutions responsible for the country's digital security beyond CERT Polska.

Sources: PurePC.pl, Rzeczpospolita (rp.pl)

Share: