OpenAI’s Daybreak Promises To Improve AppSec But Introduces A New Pricing Model: Five Buyer-Side Implications For CISOs
OpenAI recently announced Daybreak, its vision for making agentic application security faster and more capable. While promising, Daybreak will also make security more expensive per unit of work. In this model, customers will pay for tokens and multiagent workflows burn tokens.
CISOs and CIOs should budget for application security (AppSec) line-item inflation, not deflation, with this approach. The use of models such as Mythos and GPT-5.5 is unavoidable given the capabilities they offer, but CISOs should expect their Snyk, Veracode, Checkmarx, GitHub Advanced Security, and Sonatype contracts to coexist with Daybreak for the foreseeable future rather than be immediately displaced by it.
Daybreak will not lower the cost of cybersecurity. It raises the standard of what counts as cybersecurity and then bills you per token to meet it.
The announcement is also a stark contrast to Anthropic’s Glasswing announcement: Daybreak is framed around the commercial realities of the capability rather than around responsible disclosure.
Token Economics Have Arrived In Cybersecurity
OpenAI’s Daybreak page doesn’t include a price list. Instead, prospective buyers can “Request a vulnerability scan” or “Contact sales.”
The offering is built on three model tiers: GPT-5.5 standard, GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber for limited-preview red-teaming.
GPT-5.5 standard is publicly priced at $5 per million input tokens and $30 per million output tokens, with a 2x input multiplier above 272K context and a 10% data-residency uplift.
GPT-5.5-Cyber list pricing is not currently public. Anthropic’s Mythos Preview, the closest comparable, is priced at $25 per million input tokens and $125 per million output tokens (5x Opus 4.7), and access is gated to the 12 founding Glasswing partners plus 40 additional vetted organizations.
OpenAI’s own developer documentation on the Codex subagents page states that “subagent workflows consume more tokens than comparable single-agent runs.” Cost impact is not clearly shown before launching subagents. A multiagent Codex Security scan that does threat modeling, sandbox validation, patch generation, and audit-evidence emission across a real enterprise repo could plausibly burn millions of tokens per pass. If this were run weekly across a Fortune 500 application portfolio, the per-scan economics start to make legacy AppSec vendors look inexpensive in comparison.
If Daybreak’s pricing model is token-anchored, it will be the opposite of what enterprise security buyers know how to model and budget for. Today, proactive security platforms typically use asset-based pricing, which provides some predictability. This contrasts with traditional application security solutions, which are typically priced per contributing developer or per application/project. Token-anchored pricing is driven by workload, not by headcount or asset count, so spend scales with how often and how deeply you scan.
CISOs Face Five Buyer-Side Implications
Plenty of launch-day analysis treats Daybreak as a substitute for incumbent AppSec vendors. The realistic 12–24-month buyer outcome is additive cost, additive complexity, and additive integration work. Five implications follow:
- AppSec budget lines inflate, not deflate.
The marketing implication that Snyk, Veracode, Checkmarx, GitHub Advanced Security, and Sonatype will be made redundant in the short term is not the practical outcome. Current tools scan thousands of lines of code and their dependencies deterministically, cheaply, and repeatably, which conserves tokens; AI models can then be reserved for the complex issues they excel at. Keeping these AppSec solutions also lets organizations swap coding agents in and out without changing DevSecOps practices, and it preserves a separation of duties: the code writer is not the code checker.
Daybreak is a Trusted Access program that integrates with those tools rather than replacing them. The realistic Fortune 500 fiscal-year 2027 budget will likely read: incumbent AppSec spend unchanged at $200,000 to $1 million-plus, plus a new Daybreak engagement line at $250,000 to $2 million-plus per major repo footprint, plus OpenAI Deployment Company FDE fees on top.
Short-term disruption is more likely in the penetration testing market than in the AppSec market. Continuous assessments from OpenAI, Anthropic, and commercial AI-led pentest tools such as XBOW compare favorably with expensive, point-in-time pentest engagements that run $50,000 to $150,000 per assessment. Plan for both pentest and AppSec line items to coexist through at least FY2027.
- FinOps for AI becomes a hard security buyer requirement, not just a developer-tooling concern.
Reports of subscription budgets depleting in a single day are common. Security buyers know less about model economics than developer-tools buyers do. Deloitte’s 2026 “AI tokenomics” guide for CFOs documents AT&T tripling daily token consumption from 8 billion to 27 billion within months despite a 90% per-task cost reduction: cheaper tasks lead to more tasks. CISOs need token budgets, model routing rules, loop limits, and per-team attribution governance as elements of their security program.
- Trusted Access for Cyber partners are a primary integration point.
The Daybreak partner list of Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, Intel, Netskope, Okta, Oracle, Palo Alto Networks, Qualys, Rapid7, Semgrep, SentinelOne, Snyk, Socket, SpecterOps, Tenable, Trail of Bits, and Zscaler establishes that this will be a multivendor delivery model. In this model, OpenAI supplies the AI models while existing security vendors deliver the workflow, tracking, and deployment.
Daybreak emits audit-ready evidence back into existing systems of record. This means, for example, that vendors like CrowdStrike, Qualys, Rapid7, Snyk, and Tenable will remain the systems of record.
The labs are not building a workflow product to replace the proactive security workflow stacks that provide vulnerability visibility and remediation processes. Buyers should therefore negotiate Daybreak as an attach-rate item, not a standalone product.
- Financial-services marquee accounts set the contract floor for everyone else.
Bank of America, BBVA, BlackRock, BNY, Citi, Goldman Sachs, JPMorganChase, Morgan Stanley, and U.S. Bank are OpenAI’s named reference customers. Several are also Anthropic’s named reference customers from its May 5 financial services briefing. Whatever those nine institutions negotiate on data residency, audit-evidence retention, model versioning, incident-response SLAs, and contractual token ceilings will become the public benchmark.
This is good news, as these organizations have extensive compliance requirements and a deep history of strong cybersecurity practices. But these companies make money out of money, literally, and have some of the largest cybersecurity budgets of any industry, so “affordability” means something very different to them than it does to your organization.
- The FDE shortage is the binding constraint on adoption.
Frontier model providers depend on forward-deployed engineers (FDEs) to help customers adopt their capabilities. The scarcity of available FDEs limits the ability to quickly scale AI rollouts. To address this, OpenAI acquired Tomoro to form the OpenAI Deployment Company, which currently has roughly 150 FDEs. Anthropic announced a joint venture with Blackstone, Goldman Sachs, and Hellman & Friedman to provide applied AI engineers at yet-undisclosed scale.
Combined, these FDEs are a fraction of the footprints of consultancies such as Accenture, Capgemini, or Deloitte. The realistic Daybreak rollout pattern through 2027 is FDE-led pilots followed by SI-led production scale. Coinvestors in Daybreak include Bain & Company, Capgemini, and McKinsey, which signals the likely handoffs for strategy development, piloting, and scaling.
Buyers should plan their timelines accordingly. Expect Daybreak deployment to extend, not compress, in 2026 and 2027. Contract for an SI handoff (e.g., Accenture, Capgemini, Deloitte, IBM Consulting) as the production-scale operating partner: a consulting offering for now and a managed offering in the near future.
CISOs, CIOs, And CFOs Should Take These Three Actions In The Next Two Quarters
Daybreak is evaluation-ready, but that is not nearly the same as being procurement- and production-ready. Take the following three actions as you evaluate Daybreak and its implications:
- Negotiate access to Daybreak, just as with Mythos. Experiment with Daybreak, but in a limited fashion. Treat the OpenAI relationship as complementary to your other tools so you can understand what it means for your organization in the coming years. There is no clear winner yet on frontier models, so balancing commitments for the foreseeable future is crucial. You will likely need to use several of these models, not just OpenAI’s and Anthropic’s. Mozilla set a precedent with its recently published blog on how it built an agentic harness on top of its fuzzing infrastructure, which allows alternate and new models to be swapped in as they become available.
- Ask your developer leaders for lessons on token consumption. Establish limits, overages, and approvals for token usage. The 10% data-residency (regional-processing) uplift on GPT-5.5 is in OpenAI’s public pricing. Assume a similar or larger uplift for GPT-5.5-Cyber.
- Bring your FinOps team into your security program. AI FinOps can model the business impact of model use. Model variables such as token budgets per repo, per scan, or per workflow. Also factor in per-team and per-security-personnel attribution of token consumption so that budgets stay within expectations and forecasts.
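As an added example (not code from this post, OpenAI, Forrester, or any vendor named above), the following Python script applies the GPT-5.5 list prices quoted earlier to a constructed multiagent scan and enforces the controls recommended here: a per-scan token ceiling, a per-stage loop limit, and per-team cost attribution. It assumes that the 2x long-context multiplier applies to every input token of a request whose input exceeds 272K tokens (the public pricing text leaves that detail open); the stage names, token counts, team names, and the 500-application portfolio are constructed for illustration, and GPT-5.5-Cyber pricing is not modeled because it is not public.

```python
"""Token cost model and budget guard for a multiagent AppSec scan.

Added example; not code from OpenAI, Forrester, or any named vendor.
Price constants are the GPT-5.5 standard list prices quoted in the post.
ASSUMPTION: the 2x multiplier is applied to every input token of a request
whose input exceeds 272K tokens. All workloads below are constructed.
"""
from dataclasses import dataclass, field

INPUT_USD_PER_M = 5.00          # $ per million input tokens (from the post)
OUTPUT_USD_PER_M = 30.00        # $ per million output tokens (from the post)
LONG_CONTEXT_TOKENS = 272_000   # input above this is billed at 2x (assumption: whole request)
LONG_CONTEXT_MULTIPLIER = 2.0
DATA_RESIDENCY_UPLIFT = 0.10    # 10% regional-processing uplift (from the post)


def request_cost(input_tokens: int, output_tokens: int, data_residency: bool = False) -> float:
    """USD cost of one model call under the list prices above."""
    in_rate = INPUT_USD_PER_M / 1e6
    if input_tokens > LONG_CONTEXT_TOKENS:      # assumption: entire request billed at 2x
        in_rate *= LONG_CONTEXT_MULTIPLIER
    cost = input_tokens * in_rate + output_tokens * OUTPUT_USD_PER_M / 1e6
    if data_residency:
        cost *= 1.0 + DATA_RESIDENCY_UPLIFT
    return round(cost, 6)


class BudgetExceeded(RuntimeError):
    """Raised BEFORE a call is made if it would breach a ceiling or loop limit."""


@dataclass
class ScanBudget:
    """Per-scan token ceiling, per-stage loop limit, and per-team attribution."""
    max_tokens: int
    max_calls_per_stage: int
    data_residency: bool = False
    spent_tokens: int = 0
    spent_usd: float = 0.0
    calls_per_stage: dict = field(default_factory=dict)
    usd_by_team: dict = field(default_factory=dict)

    def charge(self, team: str, stage: str, input_tokens: int, output_tokens: int) -> float:
        """Authorize and record one subagent call; fail closed rather than overspend."""
        calls = self.calls_per_stage.get(stage, 0) + 1
        if calls > self.max_calls_per_stage:                 # runaway retry/validation loop
            raise BudgetExceeded(f"{stage}: loop limit of {self.max_calls_per_stage} calls reached")
        total = input_tokens + output_tokens
        if self.spent_tokens + total > self.max_tokens:      # hard per-scan ceiling
            raise BudgetExceeded(f"{stage}: {total} tokens would exceed the {self.max_tokens}-token ceiling")
        cost = request_cost(input_tokens, output_tokens, self.data_residency)
        self.calls_per_stage[stage] = calls
        self.spent_tokens += total
        self.spent_usd = round(self.spent_usd + cost, 6)
        self.usd_by_team[team] = round(self.usd_by_team.get(team, 0.0) + cost, 6)
        return cost


# Constructed workload: one pass of the four stages the post describes.
# Tuples are (team, stage, input_tokens, output_tokens); counts are illustrative.
SAMPLE_SCAN = [
    ("appsec", "threat_modeling", 400_000, 20_000),       # whole-repo context, above 272K
    ("appsec", "sandbox_validation", 150_000, 8_000),
    ("appsec", "sandbox_validation", 150_000, 8_000),
    ("appsec", "sandbox_validation", 150_000, 8_000),
    ("payments-dev", "patch_generation", 200_000, 15_000),
    ("payments-dev", "patch_generation", 200_000, 15_000),
    ("grc", "audit_evidence", 120_000, 30_000),
]


def run_scan(calls=SAMPLE_SCAN, max_tokens: int = 2_000_000, max_calls_per_stage: int = 3) -> ScanBudget:
    """Charge every call against a fresh budget and return the ledger."""
    budget = ScanBudget(max_tokens=max_tokens, max_calls_per_stage=max_calls_per_stage)
    for team, stage, n_in, n_out in calls:
        budget.charge(team, stage, n_in, n_out)
    return budget


def first_violation(calls, max_tokens: int = 2_000_000, max_calls_per_stage: int = 3):
    """Return the guard's message for the first blocked call, or None if all were authorized."""
    try:
        run_scan(calls, max_tokens, max_calls_per_stage)
    except BudgetExceeded as exc:
        return str(exc)
    return None


def portfolio_annual_usd(per_scan_usd: float, applications: int, scans_per_year: int = 52) -> float:
    """List-price cost of running the scan weekly across an application portfolio."""
    return round(per_scan_usd * applications * scans_per_year, 2)


if __name__ == "__main__":
    ledger = run_scan()
    print(f"tokens={ledger.spent_tokens:,} usd={ledger.spent_usd:.2f} by_team={ledger.usd_by_team}")
    print(f"500 apps, weekly: ${portfolio_annual_usd(ledger.spent_usd, 500):,.2f}/yr")
    runaway = SAMPLE_SCAN + [("appsec", "sandbox_validation", 150_000, 8_000)]
    print("runaway loop blocked:", first_violation(runaway))
```

The ledger makes the post's budgeting point concrete: at list price a single pass over one repo is a few dollars of tokens, but the same pass run weekly across a large portfolio lands in the same range as an incumbent AppSec contract, and a validation stage that retries without a loop limit is the failure mode that drains a subscription in a day. In a real deployment the `charge` check sits in front of the subagent dispatcher, not after the bill arrives.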
Connect With Us
Forrester clients with questions related to Daybreak can connect with us through an inquiry or guidance session.