Threat Detection & DefensePress Release

Sophos Joins the OpenAI Daybreak Cyber Partner Program to Strengthen Customer Defence with Frontier AI

Combining Agentic SOC and Prevention Architecture with OpenAI’s Cyber Capabilities to Help Protect the More Than 625,000 Customers It Defends

Sophos, a global cybersecurity leader, has announced it has joined the OpenAI Daybreak Cyber Partner Program, bringing the company’s latest AI cyber capabilities to defenders. Sophos is applying that capability within its products and services, turning frontier models into protection for the more than 625,000 organisations it defends worldwide.

Frontier models are reshaping cyber conflict. They can find vulnerabilities at scale, generate working exploits, and compress the time between a flaw being disclosed and exploited. The same capability that helps defenders find and fix weaknesses lets attackers discover and exploit them faster than traditional defences can respond. While access to frontier AI for defence is advancing quickly, these models are most effective when an organisation has the architecture to operationalise them safely at scale and the reach to deliver that benefit broadly. Sophos has both.

Through the programme, OpenAI is expanding from internal testing to defensive tools and workflows delivered through trusted partners, scoped product integrations, and managed services for end customers. The goal is to bring OpenAI’s cyber capabilities into the tools, services, and workflows that defenders already use. Sophos is adopting these in a deliberate, phased way, beginning with defensive workflows and scoped outputs, with Sophos analysts and controls in the loop rather than direct customer access to the models. Early focus areas include accelerating MDR threat investigation, deepening the security assessments delivered by Sophos Advisory Services, and strengthening how customers discover, validate, and remediate exposure. The companies are also working to codify standards for safety and abuse prevention, along with the controls needed to monitor and prevent unsanctioned activity.

“Frontier AI only protects customers at scale when you have the architecture to deploy it,” said John Peterson, Chief Technology Officer at Sophos. “Sophos runs the world’s largest agentic SOC, built on a broad portfolio of products engineered to stop AI-enabled attacks. Joining the Daybreak Cyber Partner Program lets us deliver frontier cyber-model capability through those products and services, so customers get that protection without the risk of direct model access. The combination, not access alone, is how defence stays ahead of an adversary that is also using AI.”

These capabilities integrate into a defence system to stop advanced threats. Sophos Endpoint blocks AI-generated zero-days by targeting the techniques an attack must use, not the specific vulnerability it exploits, so new flaws cannot complete an attack without triggering mitigations already in place. Sophos managed detection and response (MDR) operates as an agentic security operations centre (SOC), resolving 52% of cases end to end with AI, with an average response time of 89 seconds, and human analysts maintaining oversight throughout. Together, Sophos’ agentic SOC and prevention-first architecture provide a trusted enterprise context for OpenAI’s cyber capabilities, helping frontier AI translate into measurable protection for every customer Sophos defends.

These capabilities reach organisations across every segment, including enterprise, mid-market, and commercial organisations, through one of the industry’s largest managed service provider (MSP) and channel ecosystems—so frontier AI strengthens the defences of organisations regardless of their resources or budget.

The work aligns with the premise behind OpenAI’s Daybreak Partner Program: that the next era of cyber defence should be engineered into software from the start. It is the same principle Sophos applies through Secure by Design, building security into products from the foundation so customers are protected by default and the responsibility for safety rests with the vendor.

For more, please visit: https://openai.com/index/daybreak-securing-the-world/.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *