---
license: apache-2.0
datasets:
- Trendyol/Trendyol-Cybersecurity-Instruction-Tuning-Dataset
- AlicanKiraz0/Cybersecurity-Dataset-Fenrir-v2.0
- AlicanKiraz0/Cybersecurity-Dataset-Heimdall-v1.1
base_model:
- meta-llama/Llama-3.3-70B-Instruct
---
-red)
-informational)
# Trendyol/Trendyol-Cybersecurity-LLM-v2-70B-Q4_K_M (Llama‑3.3‑70B Finetuned)
> v2-Max is a defense-focused, alignment-safe cybersecurity language model based on Llama-3.3-70B. It was trained via SFT from scratch on the v2 dataset and ranked near the top on CS-Eval in the EN and EN-ZH tracks. Developed by the Trendyol Group Security Team.
**Developed Trendyol Group Security Team**
- Alican Kiraz
- İsmail Yavuz
- Melih Yılmaz
- Mertcan Kondur
- Rıza Sabuncu
- Özgün Kultekin
We thank **Ahmet Gökhan Yalçın**, **Cenk Çivici**, **Nezir Alp**, **Yiğit Darçın** for all their support.
---
## 🏆 CS‑Eval Benchmark Results
- **English:** **3rd place**
- **English–Chinese:** **5th place**
- **Comprehensive average:** **91.03**
| Category | Score |
|---|---:|
| Fundamentals of System Security and Software Security | **91.33** |
| Access Control and Identity Management | **90.23** |
| Encryption Technology and Key Management | **92.70** |
| Infrastructure Security | **91.85** |
| AI and Network Security | **94.55** |
| Vulnerability Management and Penetration Testing | **90.78** |
| Threat Detection and Prevention | **92.44** |
| Data Security and Privacy Protection | **90.48** |
| Supply Chain Security | **93.69** |
| Security Architecture Design | **87.80** |
| Business Continuity & Emergency Response / Recovery | **85.00** |
| Chinese Task | **91.07** |
---
## 🔁 Why v2-Max?
**Differences: Old model (Qwen3-14B, “BaronLLM v2.0”) → New model (Llama-3.3-70B, “v2-Max”):**
* **Base model leap:** 14B → **70B** (stronger reasoning, long-range context, and standards-compliant answers).
* **Dataset:** v1.1 (**21,258**) → **v2.0 (**83,920**)** rows (≈4×); coverage includes **OWASP, MITRE ATT&CK, NIST CSF, CIS, ASD Essential 8**, modern identity (OAuth2/OIDC/SAML), **TLS**, **Cloud & DevSecOps**, **Cryptography**, and **AI Security**.
* **Security gates:** adversarial refusal tests against jailbreak/prompt injection, static policy linting, content risk taxonomy; **refuse-or-report** strategies in system prompts.
* **Orientation:** offensive examples were removed; **defensive, safe** outputs are preferred.
---
## 📚 v2 Dataset Summary (Alignment-Safe SFT)
**Size:** **83,920** *system/user/assistant* triplets
**License:** **Apache-2.0**
**Language:** **English**
**Split:** `train` (100%)
**Format:** **Parquet** (columns: `system`, `user`, `assistant`)
**Quality Gates:** Deduplication, PII scrubbing, hallucination screening, **adversarial refusal** tests, static policy linting, **risk taxonomy**, strict schema validations (stable row IDs).
**Coverage (key topics):**
* **OWASP Top 10**, **MITRE ATT&CK**, **NIST CSF**, **CIS Controls**, **ASD Essential 8**
* Modern identity: **OAuth 2.0 / OIDC / SAML**
* **SSL/TLS** practices and certificate hygiene
* **Cloud & DevSecOps:** IAM, secrets management, CI/CD, container/K8s hardening, logging/SIEM, IR runbooks
* **Cryptography** implementation hygiene
* **AI Security** (prompt injection, data poisoning, model/embedding security, etc.)
> The dataset is commercial-friendly: **Apache-2.0**. Harmful/exploitative content and high-risk materials such as raw shellcode were excluded during dataset construction; patterns for generating safe alternatives to harmful requests were included.
---
## ✨ Features
* **Defense-Focused Reasoning:** Standards-aligned (OWASP/ATT&CK/NIST/CIS) recommendations with step-by-step explanations that include the “why/evidence.”
* **Policy & Architecture Guides:** Identity/access, encryption, network segmentation, cloud control sets, data classification, and alert logic.
* **IR & Threat Hunting Support:** Incident flow, triage checklists, safe log query patterns, playbook skeletons.
* **Cloud & DevSecOps:** CI/CD security gates, IaC misconfiguration patterns, K8s hardening checklists.
* **Refusal-by-Design:** Safe alternatives and compliance-aligned response patterns for exploitative/malicious prompts.
> Note: This model is SFT-based; it has no tool use, web browsing, or access to an executable environment. In expert operations it is an **assistant**; it does not, by itself, constitute evidence.
---
## 🛠️ Quick Start
### Transformers (HF)
```python
from transformers import AutoTokenizer, AutoModelForCausalLM
import torch
model_id = "Trendyol/Trendyol-Cybersecurity-LLM-v2-70B-Q4_K_M"
tok = AutoTokenizer.from_pretrained(model_id, use_fast=True)
model = AutoModelForCausalLM.from_pretrained(
model_id,
torch_dtype=torch.bfloat16,
device_map="auto",
)
def generate(prompt, max_new_tokens=512, temperature=0.3, top_p=0.9):
inputs = tok(prompt, return_tensors="pt").to(model.device)
out = model.generate(**inputs, max_new_tokens=max_new_tokens,
do_sample=(temperature>0), temperature=temperature, top_p=top_p)
return tok.decode(out[0], skip_special_tokens=True)
print(generate("Map a PCI DSS v4.0 compliance checklist for a multi-account AWS environment."))
```
### vLLM
```bash
vllm serve Trendyol/Trendyol-Cybersecurity-LLM-v2-70B-Q4_K_M --dtype bfloat16
```
### GGUF / llama.cpp
> For practical single-machine use with a 70B model, **Q4_K_M** is recommended; higher-quality GGUF variants require much more memory.
---
## 🧪 Recommended Prompt Patterns
| Goal | Template | Note |
| --------------------- | ------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------- |
| **Risk Assessment** | `ROLE: Security Architect\nCONTEXT: ...\nTASK: Produce a control-by-control gap analysis against NIST CSF v2.0...` | `temperature=0.2–0.4, top_p=0.9` |
| **IR Playbook** | `Create a phase-by-phase incident response playbook for ransomware in hybrid (Azure+on-prem) AD.` | Ask for a validation checklist in the final step. |
| **Identity Security** | `Propose hardened OAuth2/OIDC configs for a multi-tenant SPA+API.` | Request an "abuse cases" list at the end of the response. |
| **Cloud Guardrails** | `Generate K8s hardening controls mapped to CIS + NSA/CISA.` | Include “rationale” and “validation” columns. |
---
## ⚖️ Intended Use, Limits, and Safety
**Intended Use:** Enterprise **defense** consulting, architectural guidance, control mappings, IR/TI support outputs, training, and documentation.
**Prohibited / Limitations:**
* Unauthorized penetration testing, PoC exploit/payload generation, instructions that harm live systems.
* Training or enriching outputs with personal data or confidential information.
**Model Behavior:**
* **Explicit refusal** for harmful requests + safe alternative suggestions.
* Content policies are tested within the dataset (against jailbreak/prompt injection).
**Disclaimer:** Model outputs should not be applied automatically without expert review; corporate policy and regulation take precedence.
---
## 🔍 Technical Notes
* **Training Method:** SFT (instruction tuning) + system-prompt guardrails.
* **Context Window:** Llama-3.3-70B’s default (same as Meta’s release).
* **Languages:** Training language is English; EN-ZH evaluation is supported.
* **Release:** Weights under the **Meta Llama 3.3 License**; dataset under **Apache-2.0**.
---
## 👥 Contributions & Contact
* **Issues / Feedback:** HF or GitHub Issues
* **Research Collaboration:** Trendyol Group Security Team
* **Acknowledgments:** Trendyol Security Team, community contributors, and independent evaluators
---
## 🧾 Changelog
* **2025-10-06 — v2-Max:** Migration to the Llama-3.3-70B base; **v2** dataset with **83,920** rows; alignment security gates; CS-Eval **EN #3 / EN-ZH #5**, average score **91.03**.
---