Sophos has joined the OpenAI Daybreak Cyber Partner Program, becoming one of the cybersecurity firms integrating OpenAI’s frontier AI capabilities into commercial security products and managed services.
The partnership aims to improve threat detection, incident response, and security assessments for the more than 625,000 organizations protected by Sophos worldwide.
Under the program, OpenAI is making its cyber capabilities available through selected security vendors rather than directly to end users.
Sophos said it will initially use the technology in controlled defensive workflows, with its analysts maintaining oversight over AI-generated outputs.
Planned applications include accelerating managed detection and response (MDR) investigations, enhancing security assessments, and helping customers identify and remediate security exposures.
The companies are also collaborating on safety measures and abuse prevention controls intended to reduce the risk of unauthorized use of advanced AI models.
“Frontier AI only protects customers at scale when you have the architecture to deploy it,” said John Peterson, chief technology officer at Sophos.
“Sophos runs the world’s largest agentic SOC, built on a broad portfolio of products engineered to stop AI-enabled attacks. Joining the Daybreak Cyber Partner Program lets us deliver frontier cyber-model capability through those products and services, so customers get that protection without the risk of direct model access. The combination, not access alone, is how defense stays ahead of an adversary that is also using AI.”
Sophos said the integration builds on its existing AI-powered cybersecurity platform. According to the company, its endpoint protection detects attacks by focusing on attack techniques rather than specific software vulnerabilities, while its managed detection and response platform uses AI to resolve 52% of security cases end-to-end with an average response time of 89 seconds, subject to human analyst oversight.
The Daybreak Cyber Partner Program is part of OpenAI’s broader effort to make advanced AI cyber capabilities available through established cybersecurity providers, embedding them into security software and managed services rather than offering unrestricted access to the underlying models.
