OpenAI launches GPT-5.2-Codex for agentic coding and cyber defence
New model targets long-horizon software engineering, Windows support, and trusted access for defensive cybersecurity.
OpenAI has introduced GPT-5.2-Codex, described as its most advanced agentic coding model for real-world software engineering and defensive cybersecurity. The model builds on GPT-5.2 with features that aim to make long-horizon coding work more dependable and token-efficient, according to the company.
What is GPT-5.2-Codex?
Positioned as a specialised variant of GPT-5.2, the new release is optimised for agentic coding inside Codex. OpenAI says GPT-5.2-Codex introduces native context compaction to preserve the most important information over extended sessions, stronger performance on large-scale code changes such as refactors and migrations, and improved reliability in Windows environments.
The company added that the model is designed to act as a more dependable partner for complex software projects that span hours of autonomous work.
Built for long-horizon coding
OpenAI notes that GPT-5.2-Codex is better at long-context understanding, reliable tool calling, and factuality, which together help it work across large repositories without losing track of earlier steps. These advances extend the direction set by GPT-5.1-Codex-Max, which introduced multi-window operation through compaction to maintain coherence over millions of tokens in a single task.
Benchmarks and claimed performance
The company reports state-of-the-art results on SWE-Bench Pro and Terminal-Bench 2.0, evaluations that simulate realistic terminal-based development tasks. While benchmarks provide a standardised way to compare models, OpenAI emphasised that GPT-5.2-Codex’s gains are intended to translate to practical improvements in areas like refactoring, debugging, and sustained agent loops in production-like environments.
How will trusted access work for security teams
As models improve at cyber tasks, OpenAI says it is piloting an invite-only trusted access programme for vetted professionals and organisations engaged in defensive cybersecurity. Participants would receive access to the most capable models for legitimate dual-use work, such as authorised red teaming, malware analysis to support remediation, and stress testing of critical infrastructure, subject to safeguards and monitoring.
Safety posture under the Preparedness Framework
OpenAI’s addendum to the GPT-5.2 system card states that GPT-5.2-Codex does not reach a High capability rating on cybersecurity under its Preparedness Framework, although it is very capable in the domain. The model is deployed with layered mitigations, including specialised safety training for harmful tasks, agent sandboxing, and configurable network access, and OpenAI indicates it is taking a precautionary approach as capabilities increase.
GPT-5.2-Codex follows the wider rollout of GPT-5 in August and the frontier coding model GPT-5.1-Codex-Max in November, both positioned as steps towards more reliable reasoning and longer-running agentic work. Together, these releases suggest a strategy of separating general-purpose reasoning systems from specialised coding agents within the Codex workflow.