SpecterOps and OpenAI: Helping to Build a New Security Frontier with Daybreak
Today, OpenAI announced that it is expanding access to its frontier AI cybersecurity capabilities for a trusted circle of industry partners, including SpecterOps, through the OpenAI Daybreak Cyber Partner Program. Since April, SpecterOps has participated in the OpenAI Trusted Access for Cyber program (TAC), through which our researchers have access to advanced cyber-capable models for legitimate security use cases, helping us drive AI cyber innovation. Through the Daybreak Cyber Partner Program, we will work alongside OpenAI to bring the most advanced AI capabilities to our customers, taking a pragmatic approach to cyber defense informed by years of adversary tradecraft and threat research.
Register for the SpecterOps + OpenAI AI Training Workshop during Black Hat USA 2026
Humans and AI each bring different strengths to cybersecurity
For years, the conversation about AI in security has centered on replacement: will AI replace the analyst, the red teamer, the CISO? That question misses what is actually happening. The scale of modern enterprise environments has crossed a threshold where human analysis alone cannot keep up. An enterprise-scale organization today may have billions of attack paths across Active Directory, Entra, Okta, and cloud infrastructure. Employees cycle in and out. Non-human identities multiply. Configuration decisions from five years ago persist in environments no one fully understands anymore. No analyst, no matter how experienced, can hold that graph in their head.
AI has crossed a different threshold. It can handle the analysis layer at the speed and scale this problem demands. Now the opportunity is to pair that capability with the expertise and judgment of experienced practitioners to evaluate what risks the organization can tolerate, anticipate what an adversary would prioritize given the specific context of this environment, and determine when a technically valid remediation is operationally infeasible. That interface is where SpecterOps is building, and it is where the expertise our team brings applies.
Triage is the hard problem in attack path management
BloodHound maps attack paths. It has done that well for years. The problem that remains is triage.
When an environment surfaces millions or billions of attack paths, the question defenders face is not whether paths exist, but which paths matter most and in what order to close them. That question requires the model to reason from attacker logic, not just graph topology. An adversary does not take the shortest path from a foothold to a critical asset. They take the path that works given the specific conditions of the environment: what credentials are accessible, which systems are monitored, where trust relationships traverse domain or cloud boundaries, where privilege chains only become dangerous in combination. A prioritization model that reasons only from structure will give different answers than one that reasons from how attackers actually make decisions. That is what our red team does on every engagement. It is the frame we are building into BloodHound’s AI integrations through the TAC program.
That is the direction we are accelerating toward with Daybreak. Concretely, we are focused on two areas: agent interactions with BloodHound that would surface prioritized remediation guidance — which attack paths carry the most risk, why, and what change eliminates them — and automated analysis to identify enclaves worth protecting, including correlated systems, dense identity groupings, and permission concentrations that indicate where an adversary would focus. Neither of those capabilities is useful if the model reasons only from structure; they require the model to reason from intent.
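To make the structure-versus-intent distinction concrete, here is an added toy example (not BloodHound code and not anything from SpecterOps or OpenAI): a small constructed identity graph scored two ways, by hop count and by an attacker-style cost that penalizes monitored edges and trust-boundary crossings, with the remediation ranking each view produces. The weights and node names are assumptions chosen for illustration.

```python
import heapq

# Constructed toy identity graph, not BloodHound data. Edge fields:
# (source, target, monitored, crosses_boundary). Monitored edges are
# covered by detection; boundary edges cross a domain or cloud trust.
EDGES = [
    ("foothold", "ws1", False, False),
    ("ws1", "srv-admins", True, False),       # short route, but watched
    ("srv-admins", "tier0", True, False),
    ("foothold", "svc-acct", False, False),   # longer route, unwatched
    ("svc-acct", "cloud-role", False, True),
    ("cloud-role", "sync-acct", False, False),
    ("sync-acct", "tier0", False, False),
]

def edge_cost(monitored, crosses_boundary, attacker_view):
    """Structural view: every hop costs 1. Attacker view: detection and
    trust-boundary crossings add friction the adversary has to pay."""
    if not attacker_view:
        return 1
    return 1 + (3 if monitored else 0) + (1 if crosses_boundary else 0)

def cheapest_path(edges, src, dst, attacker_view):
    """Dijkstra over the directed graph; returns (cost, path) or (None, [])."""
    adj, best, prev, heap = {}, {src: 0}, {}, [(0, src)]
    for s, t, mon, xb in edges:
        adj.setdefault(s, []).append((t, edge_cost(mon, xb, attacker_view)))
    while heap:
        cost, node = heapq.heappop(heap)
        if node == dst:  # first pop of dst is its cheapest cost
            path = [dst]
            while path[-1] != src:
                path.append(prev[path[-1]])
            return cost, path[::-1]
        for nxt, w in adj.get(node, []):
            if cost + w < best.get(nxt, float("inf")):
                best[nxt], prev[nxt] = cost + w, node
                heapq.heappush(heap, (cost + w, nxt))
    return None, []

def rank_remediations(edges, src, dst, attacker_view):
    """Score each edge by how much removing it raises the cost of reaching
    dst (unreachable counts as infinite), highest impact first."""
    base, _ = cheapest_path(edges, src, dst, attacker_view)
    scores = []
    for i, (s, t, _m, _x) in enumerate(edges):
        cost, _ = cheapest_path(edges[:i] + edges[i + 1:], src, dst, attacker_view)
        scores.append((float("inf") if cost is None else cost - base, s, t))
    return sorted(scores, key=lambda r: (-r[0], r[1]))
```

On this graph the hop-count view picks the three-hop route through the monitored admin group and ranks its first edge as the top fix, while the attacker-cost view picks the unmonitored route through the cloud boundary and scores that same edge as having no impact at all.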
Most organizations do not know what their environment actually looks like
The second area we are exploring addresses a problem that is harder to name but equally consequential: configuration debt has accumulated to the point where many organizations cannot accurately characterize the shape of their own identity environment.
This is not a failure of intent. It is a structural consequence of how environments grow. A security team inheriting a decade-old Active Directory deployment faces a graph shaped by hundreds of thousands of individual decisions, most undocumented, many made by people who no longer work at the organization. The result is a graph no one fully understands.
To make this concrete: a PCI-compliant environment should have a defined enclave. In practice, PCI-tagged systems are frequently distributed across domains or non-adjacent network segments, often as a residue of acquisitions, migrations, or incremental changes that made sense individually and created structural exposure in aggregate. The right questions rarely get asked: where the enclave is, why it is spread that way, and what that distribution means for an adversary with a foothold anywhere near it. They go unasked because surfacing the answers requires analysis at a scale human review cannot sustain.
We are exploring automated discovery of correlated systems, identity groupings, permission concentrations, and structural blind spots within BloodHound. The goal is to surface what matters most within an otherwise overwhelming graph, so the humans making remediation decisions are working from an accurate picture of the environment, not an assumed one.
GhostWorks AI cyber innovation lab is pursuing a parallel research track
GhostWorks, our AI cyber innovation lab, is applying OpenAI’s frontier cyber capabilities to a different problem set: automating reverse engineering of attacker tooling and implanted software to understand evasion techniques and improve endpoint coverage. That research runs inside GhostWorks’ operational environment and feeds back into the defensive work SpecterOps does across its services and platforms.
Getting the controls right is part of the research
Finally, SpecterOps is working with OpenAI to codify safety and abuse prevention standards for embedded AI access in security contexts alongside the capability research. AI capabilities embedded in security tooling carry meaningful risk if the access controls, output scoping, and monitoring are not designed correctly from the start. The structure of the access is part of what we are figuring out.
Defense has always been constrained by the defender’s understanding of how adversaries operate. AI is compressing the time between initial access and material impact. Adversaries who use it well will move faster than defenders who don’t. That is the core premise behind SpecterOps joining OpenAI’s Trusted Access for Cyber program. By embedding OpenAI’s capabilities into our services and technology, we can extend the benefits of frontier AI to our customers without adding operational friction. And as a program partner, we are helping to establish what responsible, embedded AI access looks like at scale across the security industry.