Join our daily and weekly newspapers for exclusive content on the latest updates and industry-composure AI coverage. learn more
With cybartax that accelerates machine speeds, open-sources large language models (LLMs) have quickly become infrastructure that enables startups and global cyber security leaders and enables to deploy and deploy a lodible, cost-affected defense against rapidly developed hazards than human analysts.
The initial benefits of the open-source LLMS from time to time have set up a scalable, safe foundation to distribute the infrastructure by the initial benefits of the market, more adaptability and low cost. In the last week RSAC 2025 conference, Cisco, Meta And Projectdiscovery The new open-source LLM and a community-operated attack surface innovation announced the future of open-sources in cyber security simultaneously.
One of the major takeaairs from this year’s RSAC is a change in the open-source LLM to expand and strengthen the infrastructure on the scale.
Open-source AI is on the verge of giving many cyber security leaders for years, which is the ability of many cyber security providers to join the forces against rapidly complex threats. An integrated, open-source LLM and the vision of being associated in creating infrastructure is close to one step, given the announcements in the RSAC.
Jeetu Patel, Chief Product Officer of Cisco, emphasized in his keynote speaker, “The true enemy is not our competitor. It is really opposed. And we want to ensure that we can provide all types of equipment and the ecosystem band can do together so that we can actually fight against opponents collectively.”
Patel said of the urgency of taking such a complex challenge, “AI is originally changing everything, and cyber security is in the heart of all this. We are no longer dealing with the dangers on human-fame; these attacks are happening on machine scale.”
Cisco’s Foundation-SEC-8B LLM has defined a new era of Open-SOS AI
New established Cisco’s new Foundation ai group The company arises from the recent acquisition Strong intellectFoundation AI’s focus is on the domain-specific AI infrastructure clearly distributing cyber security applications, which are the most challenging to solve. Made on the Lama 3.1 architecture of the meta, it is not a retrofitted general-revered AI, 8 billion parameters, open-weight large language models. This purpose was made, the in-house was carefully trained by the Cisco Foundation AI on a cybercity-specific dataset.
“By their nature, problems in this charter are the most difficult in AI today. To make technology accessible, we decided that most of the work we do in Foundation AI should be open. All of them allow for the effects of working in the open innovation industry, and it plays a particularly important role in cybercity domains,” Write Security in Yaron Singer, AI’s VP and Foundation.
With the Open-SOS anchoring Foundation AI, Cisco has designed a skilled architectural approach for cyber security providers, usually competing with each other, selling comparable solutions, to become a more integrated, rigorous defense.
singer Write“Whether you are embedding in existing equipment or building a completely new workflows, Foundation -Sek -8B adapters to your organization’s unique needs.” Cisco’s blog post The announcement of the model recommends that the security teams apply the foundation -SEC -8B in the safety life cycle. In cases of potential use recommends for the Cisco model, including the SOC acceleration, active danger defense, engineering enabled, AI-Sasisted Code Review, configuration and custom integration.
Foundation-SEC-8B’s Weight and Tokar have been opened under the permissible Apache 2.0 license Throat faceSellers maintain enterprise-level adaptation and deployment permission, compliance and privacy control without lock-in. Cisco’s blog has also notes plan to open training pipelineFurther promoting community-driven innovation.
Cyber security is in LLM’s DNA
Cisco selected to create a cyber security-specific model adapted to the needs of SOC, Devsecops and large-scale security teams. Re-starting an existing, generic AI model will not reach their goals, so the Foundation AI team engineers their training using large-scale, extension and well curate cyber security-specific dataset.
By taking a more accurate-centered approach to the manufacture of models, the Foundation AI team was able to ensure that the model deeply understands the real-world cyber threats, weaknesses and defensive strategies.
The main training dataset included the following:
- Religion database: The detailed cves (general weaknesses and exposure) and CWS (calculation of general weakness) are included to indicate known threats and weaknesses.
- Danger behavior mapping: Proven security structure structured Miteer Att & CKProviding reference on attacker functioning and behavior.
- Danger Intelligence Report: Widespread insights obtained from global cyber security events and emerging hazards.
- Red-Team Playbook: Strategic plans outlining the real world adverse techniques and entry strategies.
- Real world event summary: Analysis analysis of cyber security violations, events and their mitigation paths.
- Compliance and Safety Guidelines: National Institute of Standards and Technology (Befall) Framework and Open Worldwide App Security Project (Ovaspa) Safe coding theory.
This tilated training Regimen Foundation-8B offers significantly increased accuracy, deep relevant understanding, and quick danger reaction capabilities, significantly increased compared to general-affected options, to excel in complex cyber security functions.
Benchmarking Foundation -SEC -8B LLM
Cisco’s technical benchmarks show that Foundation -SEC -8B compares cyber security performance to a fairly larger model:
| Benchmark | Foundation -second -8B | LLAMA-3.1-8B | LLAma-3.1-70B |
| CTI-MCQA | 67.39 | 64.14 | 68.23 |
| CTI-RCM | 75.26 | 66.43 | 72.66 |
By designing the Foundation model to be cyber security-specific, Cisco is enabled to achieve more efficiency with Siso SOC teams to gain more efficiency with advanced danger analysis, so that high infrastructure costs can be paid to achieve it.
Cisco’s broad strategic vision, detailed in your blog, Foundation AI: Strong intelligence for cyber security, Common AI integration addresses the common-purpose model, insufficient dataset and heritage system integration difficulties including alignment of domain alignment of difficulties. Foundation -SEC -8B is specifically designed to navigate these obstacles, which is moving efficiently on the minimum hardware configuration, usually only one or two requires only one or two. Nvidia A100 GPU.
Meta also underlined its open-source strategy in the RSAC 2025, which expands the AI defenders suit to strengthen safety in generic AI infrastructure. His open-source toolkit is now included llAmma Guard 4, Improvement in compliance monitoring within AI Workflows, a multimodal classifier detecting policy violations in lessons and images.
It is also introduced LalampaIrewall, An open-source, real-time security framework in which modular capabilities have been integrated Promptguard 2Which is used to detect early injections and gelbrack efforts. Has also been launched as part of LLAMAFREWALL Agent alignment check He preserves monitor and AI agent decision-making processes as well as conservation CodashildWhich is designed to inspect the code generated to identify and reduce the weaknesses.
Meta also extended the Prompt Guard 2, which offers two open-sources variants that further strengthens the future of the open-source AI-based infrastructure. They include a high-compatibility 86M-parameter model and a lean, low-lower 22m-parameter option that is adapted for minimal resource usage.
Additionally, Meta launched the open-source benchmarking suit Cyberus Eve 4Which was developed in partnership with Crowdastrik. it features Cybercock evilAI effectiveness benchmarking in realistic security operation centers (SOC) scenarios and DarlingWhich is used to evaluate autonomous AI capabilities to identify and correct software weaknesses.
Meta also launched the Lama Defenders Program, which provides early access to open-based security equipment including sensitive-document classifier and audio threate detection. Private processing is operated within a privacy-first, on-device AI WhatsApp.
In RSAC 2025, Projectdiscovery won the award for the “most new startup” in the innovation sandbox, highlighting its commitment to open-source cyber security. Its main equipment, NewCLei, A adaptable, open-source vulnerability scanner operated by a global community that rapidly identifies APIs, websites, cloud environment and weaknesses in the network.
Nuclei’s broad yaml-based templateing library More than 11,000 detection patterns include, 3,000 are tied directly to specific cves, which enable the identification of real -time danger. In Projectdiscovery, Coo Andy Cao emphasized strategic importance of open-sources, They said: “The 20th annual RSAC Innovation Sandbox proves that open-sources models may succeed in cyber security. This reflects the power of our community-interested approach to security of security.”
Aligns with the success of projectdiscovery Gartner’s 2024 propaganda cycle for open-source softwareWhich keeps the open-source AI and cybercity tool in the “Innovation Trigger” phase. Gartner recommends that the organizations set up Open-SOS program office (OSPOS), adopt software bill-off-materials (SBOM) framework, and ensure regulatory compliance through effective governance practices.
Actionable insight for security leaders
Cisco’s Foundation -Sek -8B, Meta’s extended AI Defenders suit and Nucleus of Project Discovery simultaneously showed that cyber security innovation grows the most time when openness, cooperation and special domain expertise are aligned in the company’s borders. These companies and other people are setting the platform for any cyber security provider, which is an active ally in making cyber security rescue that provides more efficacy at low cost.
As Patel insisted during his keynote speaker, “These are not fantasies. These are examples of real -life that will now be distributed because we now have Bespoke safety models that will be cheaper to all. Better security efficacy is going to come at a fraction of cost with sophisticated arguments.”
