Doppel Deploys OpenAI GPT-5 to Automate Real-Time Phishing Threat Response
Executive Summary
Cybersecurity firm Doppel has integrated OpenAI's GPT-5 and o4-mini models into its AI defense system to combat rapidly scaling online impersonation and phishing attacks. By leveraging a technique called reinforcement fine-tuning (RFT), Doppel's platform now autonomously detects, classifies, and mitigates threats in minutes instead of hours. This automation has reportedly cut analyst workloads by 80% and tripled the company's threat-handling capacity, allowing it to counter AI-generated scams at internet scale.
Key Takeaways
* Performance Gains: The system reduces manual analyst workloads by 80%, triples threat-handling capacity, and cuts threat response times from hours to minutes.
* Technology Stack: It utilizes OpenAI's GPT-5 for complex threat reasoning, the o4-mini model for classification, and a combination of heuristics for initial signal filtering.
* Reinforcement Fine-Tuning (RFT): Doppel uses RFT to train its models on its own human analysts' decisions, creating greater consistency and accuracy, especially for ambiguous edge cases.
* Automated Pipeline: The platform automates a multi-step process: filtering millions of daily signals, confirming threat intent, classifying the threat (malicious, benign, or ambiguous), and initiating takedowns for high-confidence threats.
* Enhanced Transparency: The system automatically generates natural-language justifications for its actions, providing customers with immediate insight and building trust in the automated process.
* Future Application: Doppel plans to apply this automated framework to other threat surfaces, including social media, paid ads, and messaging channels.
Strategic Importance
This implementation showcases a practical, high-stakes application of advanced LLMs in cybersecurity, demonstrating how AI can be used defensively to counter AI-generated threats. For OpenAI, it serves as a powerful case study for the enterprise value of its models and fine-tuning capabilities in real-time, mission-critical operations.