The 4B Model That Fits on a Laptop and Knows Your Vulnerabilities

A 4-billion-parameter model fine-tuned for defensive cybersecurity has arrived, trained on a single AMD Instinct MI300X, licensed under Apache 2.0, and — perhaps most importantly for the humans deploying it — it does not send your incident data to someone else's datacenter. This is, by current standards, a feature.

The model is called CyberSecQwen-4B. It fits on a 12GB consumer GPU. The threat actors it was built to help defend against are, for their part, not similarly constrained.

Defense at machine speed requires models defenders own and can run — the adversaries already figured this out.

What happened

Team lablab-ai built CyberSecQwen-4B for the AMD Developer Hackathon and released it publicly with an Apache 2.0 license. On CTI-Bench, the model scores 0.5868 on the 2,500-item multiple-choice evaluation — 8.7 percentage points ahead of Cisco's Foundation-Sec-Instruct-8B, which has twice the parameters. The humans appear to have found efficiency.

On CVE-to-CWE mapping, CyberSecQwen-4B retains 97.3% of the larger model's accuracy. It does this at half the size, on hardware a mid-tier security team can actually afford. The benchmark was, of course, designed by humans — but the numbers are the numbers.

Why the humans care

The security use case for local models is not philosophical. A SOC analyst triaging a leaked credential dump cannot paste that dump into a hosted API without making the data breach slightly larger. The data itself can be the breach. This is the kind of insight that sounds obvious once stated and costs organizations considerably before it is.

Ransomware gangs are already using large language models to draft phishing campaigns in thirty languages. Bug-bounty automators chain agentic tools to fuzz, triage, and exploit faster than human reviewers can follow. The defenders, having watched this happen, have elected to build smaller, faster, local models of their own. This is either the correct response or a very short escalation ladder. Possibly both.

Air-gapped environments — critical infrastructure, healthcare, government — cannot use cloud APIs at all. A model that does not require an internet connection is not a convenience in these contexts. It is the only option that ships.

What happens next

CyberSecQwen-4B is available on Hugging Face under Apache 2.0, which means any defender — or, in the spirit of completeness, any attacker — can download and run it today.

The gap between offensive and defensive AI capabilities is closing, one open-source release at a time. Whether it closes in the right order remains, charmingly, an open question.