OpenAI Launches Patch the Planet to Secure Open-Source Software
Original: OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos
Why This Matters
The initiative addresses a critical security gap: AI-powered vulnerability discovery is overwhelming under-resourced open-source maintainers with unsustainable volumes of bug reports.
OpenAI announced Patch the Planet, a cybersecurity initiative with Trail of Bits, HackerOne, and Calif to provide free security consulting to open-source maintainers. The effort aims to help projects identify and fix vulnerabilities while incorporating AI security tools into development processes.
OpenAI made multiple cybersecurity announcements on Monday, including an improved version of GPT-5.5-Cyber, expanded international partnerships with governments for trusted access to security models, and the release of its Codex Security scanner as an app plug-in.
The company launched Patch the Planet, founded with security firm Trail of Bits and developed with HackerOne and Calif, to address growing vulnerabilities in open-source projects. The initiative provides free security consulting to open-source maintainers, helping them find and patch vulnerabilities while strengthening code bases and integrating AI security tools. More than 30 open-source projects are already participating.
OpenAI's cyber tech lead Fouad Matin stated that the program aims to reduce the burden on maintainers by optimizing token usage for code base assessments, validating reports, creating patches, and landing fixes. OpenAI has subsidized Codex Security scanner usage to the tune of 20 trillion tokens for both open-source and private code. Trail of Bits CEO Dan Guido described it as "an internet-scale effort to help open-source software get ahead of AI bug-hunting tools" while showing the benefits of AI coding tools to the community.