Tech

OpenAI unveils GPT-Red to automate cyber defence red-teaming

The company provided an exclusive overview of the automated safety evaluation tool to MIT Technology Review, marking a shift in how AI developers test for security flaws.

Author
Mara Ellison
Science and Space Editor
Published
Draft
Source: MIT Technology Review · original
The Download: OpenAI unveils GPT-Red and heat pumps rise in the US
New large language model acts as 'super-hacker' sparring partner to identify vulnerabilities in other systems

OpenAI has unveiled GPT-Red, a large language model engineered to function as an automated 'super-hacker' sparring partner. The system is designed to automate red-teaming, a security practice involving simulated attacks to test system resilience, which is traditionally conducted by human testers. The primary objective is to identify vulnerabilities and bolster defences against cyberattacks on OpenAI’s other models.

Red-teaming is a standard security protocol that involves attempting to break or hijack a system to find diverse methods of exploitation. By automating this process, GPT-Red aims to find as many different ways to compromise a system as possible. This represents a strategic shift towards automating safety evaluations for software systems, allowing OpenAI to potentially stay ahead of human attackers.

The company provided MIT Technology Review with an exclusive overview of the system. According to the report, the tool is specifically engineered to simulate the actions of human adversaries, helping the company identify weaknesses before they can be exploited by malicious actors. The unveiling highlights the growing reliance on artificial intelligence to secure other artificial intelligence systems.

While the term 'super-hacker' is used to describe the model's capabilities, it serves as a descriptive label rather than a technical classification. Claims that GPT-Red will keep the company ahead of human attackers are prospective aims rather than guaranteed outcomes. The specific technical architecture or performance metrics of the model were not detailed in the source material.

It remains unclear whether GPT-Red has been fully deployed for internal use or if it currently functions as a research prototype. The introduction of the tool underscores the increasing complexity of AI security and the need for automated, scalable methods to test system integrity against evolving threats.

Continue reading

More from Tech

Read next: Ofcom probes TikTok’s child safety protocols amid age verification scrutiny
Read next: Proton CTO warns of exodus from Europe as encryption laws tighten
Read next: Moonshot AI’s Kimi K3 set to challenge Anthropic as valuation targets $31.5 billion