README.md

---
language:
- en
library_name: transformers
tags:
- cybersecurity
- qwen
- sft
- redsage
- agentic-augmentation
base_model: RISys-Lab/RedSage-Qwen3-8B-Base
model-index:
- name: RedSage-Qwen3-8B-Ins
  results: []
pipeline_tag: text-generation
---

# RedSage-Qwen3-8B-Ins

<div align="center">
  <img src="https://img.shields.io/badge/Task-Cybersecurity-red" alt="Cybersecurity"> 
  <img src="https://img.shields.io/badge/Stage-Supervised_Fine_Tuning-blue" alt="SFT">
</div>

<!-- datasets:
- naufalso/redsage_conv
- naufalso/smoltalk2_non_thinking -->

## Model Summary

**RedSage-Qwen3-8B-Ins** is the instruction-tuned variant of the RedSage cybersecurity LLM series. Unlike the base models, this model is optimized for **chat interaction**, **question answering**, and **tool use**.

It is fine-tuned on **RedSage-Conv**, a dataset of ~266K multi-turn cybersecurity dialogues generated via an agentic augmentation pipeline, alongside general instruction data to maintain broad capabilities.

- **Paper:** [RedSage: A Cybersecurity Generalist LLM](https://openreview.net/forum?id=W4FAenIrQ2) ([Arxiv](https://arxiv.org/abs/2601.22159))
- **Repository:** [GitHub](https://github.com/RISys-Lab/RedSage)
- **Base Model:** [RedSage-Qwen3-8B-Base](https://huggingface.co/RISys-Lab/RedSage-Qwen3-8B-Base) (Pre-trained on CyberFineWeb + RedSage-Seed)
- **Training Stage:** Supervised Fine-Tuning (SFT)

## Intended Use

This model is designed for:
* **Interactive Cybersecurity Assistance:** Answering questions about frameworks (MITRE, OWASP), offensive techniques, and defense strategies.
* **Tool Usage & Explanation:** Generating and explaining commands for tools like `nmap`, `sqlmap`, and `metasploit`.
* **Educational Support:** Providing detailed explanations of vulnerabilities and remediation steps.

**Note:** While this model is instruction-tuned, it has **not** yet undergone Direct Preference Optimization (DPO). For the final aligned version, please see [RedSage-Qwen3-8B-DPO](https://huggingface.co/RISys-Lab/RedSage-Qwen3-8B-DPO).

## Training Lineage

RedSage employs a multi-stage training pipeline. This model represents the output of **Stage 3**.

1.  Stage 1: Continual Pre-Training (CPT) -> [RedSage-Qwen3-8B-CFW](https://huggingface.co/RISys-Lab/RedSage-Qwen3-8B-CFW)
2.  Stage 2: Targeted Pre-Training -> [RedSage-Qwen3-8B-Base](https://huggingface.co/RISys-Lab/RedSage-Qwen3-8B-Base)
3.  **Stage 3: Supervised Fine-Tuning (SFT)** -> **`RedSage-Qwen3-8B-Ins`** (Current Model)
    * *Data:* RedSage-Conv (266K samples) + General SFT Data (SmolTalk2)
5.  Stage 4: Direct Preference Optimization (DPO) -> [RedSage-Qwen3-8B-DPO](https://huggingface.co/RISys-Lab/RedSage-Qwen3-8B-DPO)

## Training Data

The model was trained on a mix of domain-specific and general instruction data:

1.  **RedSage-Conv (~266K samples):** A high-quality dataset generated using an **Agentic Augmentation Pipeline**.
    * **Source:** Derived from the curated `RedSage-Seed` (MITRE, Write-ups, Manuals).
    * **Method:** A Planner Agent and Augmenter Agent transformed static knowledge into realistic, multi-turn roleplay scenarios (e.g., Junior Analyst vs. Senior Mentor, Red Team planning).
    * **Coverage:** Includes Knowledge (General/Frameworks), Skills (Offensive), and Tools (CLI/Kali).
2.  **SmolTalk2 (General Instructions):** A curated subset (non-reasoning) of [SmolTalk2](https://huggingface.co/datasets/HuggingFaceTB/smoltalk) to ensure the model retains general instruction-following abilities (summarization, creative writing, etc.).

## Performance

**RedSage-Qwen3-8B-Ins** achieves state-of-the-art results among 8B cybersecurity models, significantly outperforming general instruct models and prior domain-specific models.

### RedSage-MCQ (0-shot Accuracy)

| Category | Qwen3-8B (Non-reasoning) | **RedSage-8B-Ins** |
| :--- | :---: | :---: |
| **Macro Average** | 81.85 | **85.73** |
| Knowledge (Gen) | 80.46 | **84.20** |
| Knowledge (Frameworks) | 78.82 | **84.98** |
| Skill (Offensive) | 86.16 | **89.06** |
| Tools (CLI) | 83.92 | **86.80** |
| Tools (Kali) | 75.56 | **80.30** |

### External Cybersecurity Benchmarks (0-shot)

| Benchmark        | Qwen3-8B (Non-reasoning) | **RedSage-8B-Ins** |
| :--------------- | :----------------------: | :----------------: |
| **Mean**         | 75.71                    | **81.30**          |
| CTI-Bench (MCQ)  | 62.76                    | **70.56**          |
| CTI-Bench (RCM)  | 54.00                    | **76.70**          |
| CyberMetric (500)| 88.60                    | **89.80**          |
| MMLU (Security)  | 76.00                    | **78.00**          |
| SecBench (En)    | 73.26                    | **79.91**          |
| SecEval (MCQ)    | 65.46                    | **72.48**          |
| SECURE (CWET)    | 88.11                    | **91.45**          |
| SECURE (KCV)     | 87.42                    | **81.34**          |
| SECURE (MEAT)    | 85.75                    | **91.47**          |

### OpenLLM Leaderboard (General Benchmark)

| Benchmark | Qwen3-8B (Non-reasoning) | **RedSage-8B-Ins** |
| :--- | :---: | :---: |
| **Mean** | 65.92 | **73.34** |
| MMLU | 73.59 | **77.38** |
| ARC-C | 62.54 | **69.62** |
| GSM8K | 75.66 | **86.05** |
| HellaSwag | 56.70 | **79.00** |
| TruthfulQA | 45.23 | **47.75** |
| WinoGrande | 62.51 | **73.64** |
| IFEval | **85.21** | 79.97 |


## Usage

This model uses a standard ChatML-like format.

### Prompt Template

```
<|im_start|>system
You are REDSAGE, a cybersecurity-tuned model developed by RISys-Lab. You are a helpful assistant.<|im_end|>
<|im_start|>user
{user_message}<|im_end|>
<|im_start|>assistant

````

### Inference Code

```python
from transformers import AutoTokenizer, AutoModelForCausalLM

model_id = "RISys-Lab/RedSage-Qwen3-8B-Ins"

tokenizer = AutoTokenizer.from_pretrained(model_id)
model = AutoModelForCausalLM.from_pretrained(model_id, device_map="auto")

messages = [
    {"role": "system", "content": "You are REDSAGE, a cybersecurity-tuned model developed by RISys-Lab. You are a helpful assistant."},
    {"role": "user", "content": "Explain how an SQL injection attack works and how to prevent it."},
]

text = tokenizer.apply_chat_template(
    messages,
    tokenize=False,
    add_generation_prompt=True
)

inputs = tokenizer(text, return_tensors="pt").to("cuda")

outputs = model.generate(**inputs, max_new_tokens=512)
print(tokenizer.decode(outputs[0], skip_special_tokens=True))
````

## Training Procedure

The model was fine-tuned using [Axolotl](https://github.com/axolotl-ai-cloud/axolotl).

  - **Epochs:** 2
  - **Learning Rate:** 2.5e-5 (Cosine schedule)
  - **Warmup Ratio:** 0.01
  - **Optimizer:** AdamW
  - **Chat Template:** Jinja (ChatML format)

## Ethics and Limitations

  - **Offensive Content:** This model has been trained on offensive security materials (exploits, attack vectors). It is provided for educational and defensive purposes (e.g., vulnerability assessment).
  - **Accuracy:** While highly capable, the model may still produce hallucinations or inaccurate commands. Always verify commands in a safe, isolated environment (sandbox) before execution.
  - **Safety:** Developers should implement additional safety layers (e.g., Guardrails) if deploying this model in user-facing applications to prevent misuse.

## Citation


```bibtex
@inproceedings{suryanto2026redsage,
  title={RedSage: A Cybersecurity Generalist LLM},
  author={Naufal Suryanto and Muzammal Naseer and Pengfei Li and Syed Talal Wasim and Jinhui Yi and Juergen Gall and Paolo Ceravolo and Ernesto Damiani},
  booktitle={The Fourteenth International Conference on Learning Representations},
  year={2026},
  url={[https://openreview.net/forum?id=W4FAenIrQ2](https://openreview.net/forum?id=W4FAenIrQ2)}
}
```