RedSage-Qwen3-8B-Ins

Model Summary

RedSage-Qwen3-8B-Ins is the instruction-tuned variant of the RedSage cybersecurity LLM series. Unlike the base models, this model is optimized for chat interaction, question answering, and tool use.

It is fine-tuned on RedSage-Conv, a dataset of ~266K multi-turn cybersecurity dialogues generated via an agentic augmentation pipeline, alongside general instruction data to maintain broad capabilities.

• Paper: RedSage: A Cybersecurity Generalist LLM
• Repository: GitHub
• Base Model: RISys-Lab/RedSage-Qwen3-8B-Base (Pre-trained on CyberFineWeb + RedSage-Seed)
• Training Stage: Supervised Fine-Tuning (SFT)

Intended Use

This model is designed for:

• Interactive Cybersecurity Assistance: Answering questions about frameworks (MITRE, OWASP), offensive techniques, and defense strategies.
• Tool Usage & Explanation: Generating and explaining commands for tools like nmap, sqlmap, and metasploit.
• Educational Support: Providing detailed explanations of vulnerabilities and remediation steps.

Note: While this model is instruction-tuned, it has not yet undergone Direct Preference Optimization (DPO). For the final aligned version, please see RedSage-Qwen3-8B-DPO.

Training Lineage

RedSage employs a multi-stage training pipeline. This model represents the output of Stage 3.

1. Stage 1: Continual Pre-Training (CPT) -> RedSage-Qwen3-8B-CFW
2. Stage 2: Targeted Pre-Training -> RedSage-Qwen3-8B-Base
3. Stage 3: Supervised Fine-Tuning (SFT) -> RedSage-Qwen3-8B-Ins (Current Model)
   • Data: RedSage-Conv (266K samples) + General SFT Data (SmolTalk2)
4. Stage 4: Direct Preference Optimization (DPO) -> RedSage-Qwen3-8B-DPO

Training Data

The model was trained on a mix of domain-specific and general instruction data:

1. RedSage-Conv (~266K samples): A high-quality dataset generated using an Agentic Augmentation Pipeline.
   • Source: Derived from the curated RedSage-Seed (MITRE, Write-ups, Manuals).
   • Method: A Planner Agent and Augmenter Agent transformed static knowledge into realistic, multi-turn roleplay scenarios (e.g., Junior Analyst vs. Senior Mentor, Red Team planning).
   • Coverage: Includes Knowledge (General/Frameworks), Skills (Offensive), and Tools (CLI/Kali).
2. SmolTalk2 (General Instructions): A curated subset (non-reasoning) of SmolTalk2 to ensure the model retains general instruction-following abilities (summarization, creative writing, etc.).

Performance

RedSage-Qwen3-8B-Ins achieves state-of-the-art results among 8B cybersecurity models, significantly outperforming general instruct models and prior domain-specific models.

RedSage-MCQ (0-shot Accuracy)

Category	Qwen3-8B (Non-reasoning)	RedSage-8B-Ins
Macro Average	81.85	85.73
Knowledge (Gen)	80.46	84.20
Knowledge (Frameworks)	78.82	84.98
Skill (Offensive)	86.16	89.06
Tools (CLI)	83.92	86.80
Tools (Kali)	75.56	80.30

External Cybersecurity Benchmarks (0-shot)

Benchmark	Qwen3-8B (Non-reasoning)	RedSage-8B-Ins
Mean	75.71	81.30
CTI-Bench (MCQ)	62.76	70.56
CTI-Bench (RCM)	54.00	76.70
CyberMetric (500)	88.60	89.80
MMLU (Security)	76.00	78.00
SecBench (En)	73.26	79.91
SecEval (MCQ)	65.46	72.48
SECURE (CWET)	88.11	91.45
SECURE (KCV)	87.42	81.34
SECURE (MEAT)	85.75	91.47

OpenLLM Leaderboard (General Benchmark)

Benchmark	Qwen3-8B (Non-reasoning)	RedSage-8B-Ins
Mean	65.92	73.34
MMLU	73.59	77.38
ARC-C	62.54	69.62
GSM8K	75.66	86.05
HellaSwag	56.70	79.00
TruthfulQA	45.23	47.75
WinoGrande	62.51	73.64
IFEval	85.21	79.97

Usage

This model uses a standard ChatML-like format.

Prompt Template

<|im_start|>system
You are REDSAGE, a cybersecurity-tuned model developed by RISys-Lab. You are a helpful assistant.<|im_end|>
<|im_start|>user
{user_message}<|im_end|>
<|im_start|>assistant

Inference Code

from transformers import AutoTokenizer, AutoModelForCausalLM

model_id = "RISys-Lab/RedSage-Qwen3-8B-Ins"

tokenizer = AutoTokenizer.from_pretrained(model_id)
model = AutoModelForCausalLM.from_pretrained(model_id, device_map="auto")

messages = [
    {"role": "system", "content": "You are REDSAGE, a cybersecurity-tuned model developed by RISys-Lab. You are a helpful assistant."},
    {"role": "user", "content": "Explain how an SQL injection attack works and how to prevent it."},
]

text = tokenizer.apply_chat_template(
    messages,
    tokenize=False,
    add_generation_prompt=True
)

inputs = tokenizer(text, return_tensors="pt").to("cuda")

outputs = model.generate(**inputs, max_new_tokens=512)
print(tokenizer.decode(outputs[0], skip_special_tokens=True))

Training Procedure

The model was fine-tuned using Axolotl.

• Epochs: 2
• Learning Rate: 2.5e-5 (Cosine schedule)
• Warmup Ratio: 0.01
• Optimizer: AdamW
• Chat Template: Jinja (ChatML format)

Ethics and Limitations

• Offensive Content: This model has been trained on offensive security materials (exploits, attack vectors). It is provided for educational and defensive purposes (e.g., vulnerability assessment).
• Accuracy: While highly capable, the model may still produce hallucinations or inaccurate commands. Always verify commands in a safe, isolated environment (sandbox) before execution.
• Safety: Developers should implement additional safety layers (e.g., Guardrails) if deploying this model in user-facing applications to prevent misuse.

Citation

@inproceedings{suryanto2026redsage,
  title={RedSage: A Cybersecurity Generalist LLM},
  author={Naufal Suryanto and Muzammal Naseer and Pengfei Li and Syed Talal Wasim and Jinhui Yi and Juergen Gall and Paolo Ceravolo and Ernesto Damiani},
  booktitle={The Fourteenth International Conference on Learning Representations},
  year={2026},
  url={[https://openreview.net/forum?id=W4FAenIrQ2](https://openreview.net/forum?id=W4FAenIrQ2)}
}