Skip to main content
OpenAI

Request OpenAI Pilot: Trusted Access For Cyber

Trusted Access for Cyber enables vetted enterprise customers and cybersecurity practitioners to use our most capable models for dual-use cybersecurity work. We view these capabilities as powerful force multipliers for network defenders, while recognizing that malicious actors may seek to exploit the same tools to increase the scale and sophistication of their operations.

Trusted Access for Cyber mitigates this risk by requiring members to provide additional identification and professional use-case information. While these measures are not expected to prevent all potential misuse, they work in combination with our existing cyber safeguards to meaningfully reduce the risk of harm, enabling us to make higher-risk, higher-impact capabilities available to a broader community of defenders.

Requirements to join:

  • Accurate completion of this application in its entirety; inaccurate or incomplete information may result in delays or failure to onboard
  • Willingness to provide additional information or clarifications requested by OpenAI prior to and following access

Customer / Entity Details

A. Organization identification

Click here(opens in a new window) to find yours.

B. Primary point of contact (submitting individual)

C. Relationship with OpenAI

Professional Use Case

D. How do you plan to leverage Trusted Access to Cyber?

Legal terms

This Application intake form, the responses provided herein, and these legal terms (collectively, the “Intake Form”), form part of the agreement between OpenAI and the entity named in Section A above (“Customer”) for services (“Services Agreement”), and govern Customer’s access to models made available to you through Trusted Access for Cyber (“TAC”). If there is any conflict between this Intake Form and the Services Agreement, this Intake Form controls.

  1. Representations and Warranties. Customer represents and warrants that the Intake Form is true and correct in all respects, and Customer will notify OpenAI if there are any material changes to the information submitted in the Intake Form during the term in which TAC is used. Customer acknowledges and agrees that provision of false or misleading information in the Intake Form, or any failure to notify OpenAI in writing if any information provided in the Intake Form has changed or is no longer complete and accurate, will constitute a material breach of the Agreement.

  2. Approved Use Case. Participation in Trusted Access for Cyber comes with heightened responsibility. Access to advanced cyber capabilities is granted only for legitimate, defensive, and authorized security purposes (“Approved Use Cases”). Approved Use Cases are intended to enable real-world security testing, vulnerability research, and defensive readiness and do not include uses that may cause harm, disruption, or unauthorized access. You must only use TAC for the Approved Use Cases and in compliance with OpenAI’s usage policies at: https://openai.com/policies/usage-policies/, as well as OpenAI’s Cyber Abuse Policy below.
    Cyber Abuse Policy: We disallow use of our services to facilitate cyber abuse: the compromise of the integrity, confidentiality, or availability of an information system—to include ‘dual-use’ cyber activities carried out with malicious intent, without proper authorization, or in excess of granted authorization.

  3. Approved Access Credentials. “Approved Access Credentials” are, collectively, the Org ID and specific end user IDs approved by OpenAI for any Approved Use Case. Customer is responsible for all activities that occur using the Approved Access Credentials. Customer may not share or otherwise make the Approved Access Credentials available to any entity or individual not disclosed on the Intake Form, or share or sell access to the capabilities provided under the Approved Access Credentials to third parties. Customer must immediately notify OpenAI if it becomes aware of or reasonably suspects unauthorized access or use of Approved Access Credentials, including any use of TAC for a purpose that is not an Approved Use Case.

  4. Additional Actions. OpenAI will have the right to take any action it deems necessary, in its sole discretion, to preserve the safety, security and integrity of the Services or its business, including, without limitation, suspending or terminating TAC without refund, requiring additional documentation or assurances to permit continued TAC, conditioning TAC use on Customer’s acceptance of additional requirements or limitations, and pursuing all legal and equitable remedies permitted by applicable laws.

  5. Indemnification. Notwithstanding anything to the contrary in the Services Agreement, Customer will indemnify, defend, and hold OpenAI and its affiliates harmless against any liabilities, damages, and costs (including reasonable attorneys’ fees) payable to a third party arising out of any use of the Approved Access Credentials in violation of this Intake Form. Limitations on liability in the Services Agreement do not apply to this Intake Form.

  1. I have reviewed the Intake Form and I declare and confirm that the information provided is accurate and complete to the best of my knowledge and belief after due inquiry and reasonable diligence.

  2. I have requisite authority to sign this form on behalf of the Customer and have obtained all internal approvals required to pursue TAC.

  3. I will notify OpenAI in writing immediately if I learn that any information in this Intake Form is not, or is no longer, accurate and complete.

  4. Customer agrees to the legal terms in this Intake Form, which are hereby incorporated into the Service Agreement.