OpenAI announced the 'Patch the Planet' initiative, powered by its Daybreak system and developed with Trail of Bits, to support maintainers of critical open-source software. It combines AI-assisted vulnerability research using OpenAI's most cyber-capable models with expert human review to both discover and help remediate issues, addressing the surge in reports from AI-accelerated discovery.
The program is designed to reduce rather than increase the burden on maintainers who face more reports with limited resources. Security engineers validate findings before they reach maintainers, collaborate on developing patches and tests, and create reusable workflows for ongoing security improvements. Trail of Bits has committed its entire security research organization to the initial surge for investigation, validation, patching, and coordinated disclosure.
Additional partnerships with HackerOne and Calif will expand efforts in vulnerability triage, coordinated disclosure, and focused discovery. Each engagement begins with consultation to understand the project's specific needs, preferences, and priorities such as validation, patch development, CI/CD enhancements, or longer-term security engineering. Once aligned, researchers proceed with investigation and remediation support.