Abstract
This demo introduces an open-source, instruction-tuned Large Language Model (LLM) purpose-built to assist security practitioners across both SOC and Offensive Security workflows. Unlike generic chat models, this LLM is trained on real analyst tasks and security-native language. It helps SOC teams summarize alerts, map MITRE TTPs, trace attack paths, and draft incident reports, and it helps offensive teams generate red-team test plans, model threats, and surface remediation guidance from pull requests. Alongside the LLM, the project releases a Security LLM Cookbook with prompt templates, code snippets, lightweight RAG pipelines, and deployment examples for SIEMs and cloud environments. Everything is open-source, transparent, and customizable.
Presented at Black Hat Europe 2025 Arsenal, December 8-11, London. Track: AI, ML & Data Science.