Socket Selected for OpenAI's Cybersecurity Grant Program

Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.

Sarah Gooding

April 16, 2026

2 min read


OpenAI has named Socket as one of the initial recipients of its Cybersecurity Grant Program, a new initiative that commits $10 million in API credits to support organizations advancing cybersecurity defense.

The grant comes alongside access to more cyber-permissive frontier models through Trusted Access for Cyber, OpenAI's new identity-based framework for defensive acceleration.

Both programs select for trusted defenders with a proven track record in identifying and remediating vulnerabilities across open source software and critical infrastructure. Fellow recipients include Semgrep, Calif, and Trail of Bits.

Supporting Real-World Defense

Socket uses OpenAI's models inside our malicious package detection pipeline, which analyzes every package and version published to npm, PyPI, and other major registries in near real time. When a package goes live, our system evaluates its code, behavior, metadata, and publishing patterns to assess risk and flag anything that looks like a supply chain attack.

The advantage of frontier models in this pipeline is speed. When attackers ship a malicious package, the window to catch it before downstream projects pull it in is small, often measured in minutes. AI-assisted analysis lets us flag suspicious behavior at a scale human review alone cannot touch.

That pipeline is what allowed Socket to identify the malicious package used in the Axios compromise within six minutes of publication. Defensive AI enables that kind of turnaround, and it is how we protect our users and the open source ecosystem.

Frontier Models Make Open Source Defense Possible at Scale

Supply chain attacks on open source have gotten faster and more automated over the past two years. High-volume package publishing, AI-assisted malware authoring, and credential theft campaigns targeting maintainers have compressed the time between compromise and impact.

Frontier models give defenders a way to close that gap. The asymmetry that favored attackers for most of the past decade is starting to even out, and the open source ecosystem is the direct beneficiary.

Socket has been investing in this approach since before these programs existed. The OpenAI partnership extends our ability to apply frontier capabilities across the pipeline, from malicious package detection to Certified Patches, which allow for rapid, surgical fixes to known vulnerabilities in open source dependencies.

Building With the Ecosystem

The Cybersecurity Grant Program and Trusted Access for Cyber are part of a coalition of defenders working together on AI-assisted security. Enterprises supporting the broader effort include Bank of America, BlackRock, BNY, Citi, Cisco, CrowdStrike, Goldman Sachs, JPMorgan Chase, Morgan Stanley, NVIDIA, Oracle, and Zscaler.

Programs like these create a feedback loop between frontier model development and real-world defensive use cases. For Socket, that means continuing to improve detection and mitigation across the open source ecosystem, at greater speed, accuracy, and coverage. We will keep working with OpenAI and the broader defender community to push that boundary further.
