Zscaler has joined OpenAI's Trusted Access for Cyber program, gaining access to GPT-5.4-Cyber and other security-focused models to help enterprises build safer AI agents and detect threats faster. The partnership transforms how organizations approach a critical challenge: as AI systems gain access to sensitive data and tools, the attack surface expands dramatically. Rather than treating security and AI as competing priorities, this collaboration shows how they can reinforce each other .

What Is the Trusted Access for Cyber Program?

OpenAI's Trusted Access for Cyber, or TAC, is a gated-access framework that provides vetted security teams with tiered access to increasingly capable models, culminating in GPT-5.4-Cyber. This variant is specifically tuned for defensive cybersecurity tasks such as vulnerability discovery, binary analysis, and exploit chain reasoning. The program enforces identity verification, usage policies, and safeguards to reduce abuse while putting more powerful analysis tools in the hands of trusted security teams .

By joining TAC, Zscaler gains early, deep access to these capabilities and can embed them directly into detection pipelines, secure software development lifecycle workflows, and red teaming tooling. This distinction matters because it turns frontier models into core infrastructure rather than treating them as a sidecar productivity tool. Essentially, AI becomes compiled into the fabric of how Zscaler builds, tests, and runs its security cloud .

How Are Enterprises Using AI Agents Safely?

Most large enterprises are now juggling three simultaneous challenges: standing up internal large language model platforms and agent frameworks, exposing AI-powered features in customer-facing applications, and connecting those systems to sensitive data in software-as-a-service, infrastructure-as-a-service, and private applications. That stack introduces a new attack surface that traditional security tools were never designed to handle .

Zscaler's OpenAI-powered capabilities address this problem through three concrete approaches:

• Realistic Attack Simulation: Using OpenAI's text, image, and speech models, Zscaler can generate sophisticated, multimodal attack sequences against customers' AI applications, including prompt injection, tool abuse, jailbreaks, and model confusion at a scale and level of creativity that human-only teams cannot match.
• Instant Remediation: The platform goes beyond reporting vulnerabilities by automatically generating optimized system prompts, policy updates, and configuration hardening steps to close discovered gaps, shortening the loop from discovery to fix.
• AI Asset and Agent Analysis: Zscaler analyzes Model Context Protocol tools and AI agents, including source code and integration patterns, to produce a global risk posture for the customer's AI estate, helping organizations prioritize which agents and tools need immediate hardening.

This approach lets enterprises harden AI applications before rolling them out to production. Teams can run red teaming exercises, accept or mitigate findings, and ship with evidence that the system has been tested against frontier-grade adversarial creativity .

Steps to Secure AI Deployments at Enterprise Scale

• Implement Red Teaming First: Use AI-powered red teaming to simulate realistic attacks against your AI agents and applications before they reach production, catching vulnerabilities that traditional security tools miss.
• Apply Zero-Trust Controls: Put AI endpoints, vector stores, and AI gateways behind zero-trust architecture so they are reachable only from authenticated, authorized users and workloads, not from the open internet.
• Build a Unified AI Inventory: Create a centralized inventory of all AI applications, agents, and tools across business units, then apply consistent policies for data access, logging, and red teaming cadence.
• Establish Feedback Loops: Connect findings from red teaming back into secure development practices and platform hardening, while feeding insights from incident response investigations back into detection logic and agent behavior.

Even if AI applications are secured, the rest of the environment must still detect and respond to incidents that move faster than human-only teams can handle. Zscaler's Red Canary managed detection and response model addresses this by pairing OpenAI agents with human analysts in a human-in-the-loop design. AI agents handle tedious tasks such as enriching alerts with context, correlating signals across data pipelines, and assembling timelines and likely root causes, while human experts remain in charge, defining workflows, enforcing guardrails, and validating outputs. This approach helps Zscaler maintain a 99.6% true-positive rate .

Why Does Zero-Trust Matter for AI Infrastructure?

The partnership reinforces Zscaler's core zero-trust message: even as the company leans into AI, it is doing so on an architecture that makes applications invisible to the public internet and eliminates traditional VPN and firewall-based attack surfaces. Large language model endpoints, vector stores, and AI gateways often end up exposed as new public services, creating unnecessary risk. Putting them behind Zscaler's Zero Trust Exchange means they are reachable only from authenticated, authorized users and workloads .

As models gain access to sensitive tools such as databases, software-as-a-service application programming interfaces, and internal applications, zero-trust policies can constrain which users and agents can invoke which tools, from which devices and locations, with full inspection and logging. The net effect is that enterprises can move faster on AI experiments and production deployments because they are building on a platform that assumes compromise, collapses lateral movement, and limits blast radius by design .

For chief information officers and chief information security officers driving AI agendas, Zscaler's OpenAI partnership signals that security and AI can compound rather than collide. Red teaming-as-a-service plus zero-trust controls mean teams can spin up pilots with less fear that a misconfigured agent or endpoint will expose sensitive data. Security can move from being the "department of no" to a partner that offers reusable patterns: red teaming templates, prompt policies, AI guardrails, and network controls that come pre-validated .

With AI asset discovery and analysis, organizations can build a unified inventory of AI applications, agents, and tools and apply consistent policies across business units. GPT-5.4-Cyber's analysis capabilities can help normalize findings and recommendations, avoiding the anti-pattern where every team does AI security differently, which slows approvals and increases risk. Because all three loops,build, attack, and respond,are now AI-accelerated, the overall time-to-secure can keep pace with time-to-deploy, which is the core bottleneck for many AI programs today .