WhiteRabbitNeo released a major new version trained
on new cybersecurity and threat intelligence data on the Qwen 2.5 family of
models, a top performing software engineering model on HumEval. The new release
integrates critical real-world data sources for cybersecurity and
infrastructure. These new sources, when deployed on Qwen, make WhiteRabbitNeo
even more accurate when resolving prompts related to offensive cybersecurity,
creating remediations for potential threats and integrating future threat intelligence
and vulnerability data via techniques such as RAG.
"This new V2.5
series of WhiteRabbitNeo AI models represents a significant improvement over
previous ones. The early models were fine-tuned using 100,000 samples of
offensive and defensive cybersecurity data. The new models used an expanded
dataset of 1.7 million samples. This improved WhiteRabbitNeo's HumanEval score
to 85.36, from 75 in our previous generation. And of course, they are still
uncensored, so it's a perfect fit for all cybersecurity use cases," said Migel
Tissera, creator of WhiteRabbitNeo.
"The new
release of WhiteRabbitNeo is trained to act like the experienced, professional
adversaries modern enterprise security teams face every day. By utilizing Qwen
and training on new cybersecurity and DevOps infrastructure as code data
sources, WhiteRabbitNeo helps DevSecOps teams expand their capability to combat
modern threats by discovering, exploiting and remediating vulnerabilities and
security issues in their infrastructure before their adversaries do," said Andy
Manoske, VP of Product at Kindo, the primary sponsor of open source project,
WhiteRabbitNeo.
Enterprise
security teams are overworked and understaffed and are often targeted by threat
actors, such as state-sponsored adversaries and organized crime rings who
utilize modern offensive security technology to exploit vulnerabilities within
enterprises. Even when these teams are able to successfully defend themselves,
rapid changes to identity or security infrastructure or new discoveries of zero
day vulnerabilities may mean that defenders of enterprise infrastructure are
outmatched by their modern attackers.
GenAI provides
new opportunities for defenders to respond to modern adversaries who use attack
automation suites. By integrating open threat intelligence, technical data from
real world attacks and security research and contextual infrastructure data, LLMs
trained in offensive security and DevSecOps provide practitioners in that field
with a force multiplier to better respond to modern threats despite significant
shortages in the enterprise security workforce.
WhiteRabbitNeo
is an open source GenAI model for offensive and defensive cybersecurity. While
popular foundation models censor many security use cases, WhiteRabbitNeo is
uncensored and trained to act like a modern adversary. It knows threat
intelligence, understands software engineering and infrastructure as code, and
can utilize its deep corpus of knowledge to craft novel attacks in more than
180 programming and scripting languages and provide immediate remediation for
the threats it detects and compromises.
Popular use
cases include:
- DevOps
professionals are able to write and instrument secure and reliable
infrastructure as code.
- Security
red teams, known as offensive teams, are able to rapidly improve their
efficiency in how they construct code proofs of concept, create sample
attacks, remediate vulnerabilities and more
- Security
blue teams, known as defensive teams, are able to automate previously
manual aspects of runbooks for intrusion detection and response, remediate
security events and more
WhiteRabbitNeo's
new release integrates critical real-world data sources from Indicator of
Compromise (IoC) and threat actor data from open source threat intelligence
networks, CVEs and technical vulnerability data from NVD and common enterprise
infrastructure and security tool suite documentation.