IBM announced Monday that it has joined OpenAI's Daybreak Cyber Partner Program.
The alliance aims to bring advanced frontier AI models directly into corporate security operations to help businesses combat digital threats that are now moving at "machine speed." As part of the partnership, IBM introduced a new application security service that uses OpenAI’s cyber capabilities to identify and validate software vulnerabilities more quickly and accurately than traditional tools.
Rather than simply flagging potential issues, the system goes further by assessing whether vulnerabilities are actually exploitable. This approach aims to reduce the flood of false positives that often slow down security teams.
IBM says the service is designed to operate in enterprise environments, using IBM Consulting Advantage, its AI delivery platform, which connects client systems to AI tools in a controlled, governed setup. It runs with read-only access to code repositories and bounded execution, allowing analysis without permitting systems to alter code.
Built for enterprise environments
The service is delivered as a managed offering, allowing organizations to begin with targeted application reviews before scaling up to continuous monitoring as software evolves and new risks emerge.
By embedding AI directly into enterprise workflows, IBM and OpenAI aim to help security teams keep pace with attackers who increasingly use automation and AI to scale their operations.
The partnership also connects to IBM’s cybersecurity initiative, Project Lightwell. Backed by a $5 billion investment from IBM and Red Hat, the project focuses on strengthening the security of open-source software and the wider software supply chain.
Project Lightwell combines engineering teams with AI tools to patch, validate, and manage open-source components. It also draws on OpenAI’s cyber capabilities alongside other frontier models to support code review and remediation at scale.
Industry response to AI-driven threats
The tie-up comes at a moment when AI is rapidly transforming cybersecurity into a double-edged sword.
Tech giants are increasingly racing to lock down defensive capabilities; Google researchers recently leveraged AI to spot a zero-day vulnerability, and Anthropic has noted its models can flag high-level security flaws. Because the same AI reasoning used to spot a bug for defense can be repurposed by bad actors to attack it, building early-warning systems has become a top industry priority.
OpenAI is positioning the partnership as an essential step toward making enterprise AI safe to use at scale.
"Security is central to realizing the benefits of advanced AI," said Dane Stuckey, CISO at OpenAI. "Through the OpenAI Daybreak Cyber Partner Program, we are collaborating with AI pioneers like IBM to use frontier models to accelerate defensive security workflows and support enterprises, governments, and other organizations as they identify risks, strengthen resilience, improve security, and ultimately deploy AI with the trust, controls, and compliance their environments require."
Also read: OpenAI is reportedly exploring an AI smartphone that could rely on agent-based experiences instead of traditional app workflows.