kon-security-v5
Expert Security Code Reviewer - A fine-tuned Qwen2.5-Coder-7B model specialized for security vulnerability detection and false positive reduction in SAST (Static Application Security Testing) pipelines.
Model Details
| Property | Value |
|---|---|
| Base Model | Qwen2.5-Coder-7B-Instruct |
| Fine-tuning | QLoRA (4-bit quantization) |
| Quantization | Q4_K_M (GGUF) |
| Parameters | 7.6B |
| Context Length | 32,768 tokens |
| File Size | ~4.7 GB |
| Format | GGUF (Ollama-compatible) |
Performance
| Metric | Score |
|---|---|
| Overall Accuracy | 98.1% |
| F1 Score | 0.99 |
| False Positive Rate | 0.0% |
| JSON Compliance | 100% |
| Avg Response Time | 2.8s |
Capabilities
- Identifies true security vulnerabilities across 20+ vulnerability categories
- Eliminates false positives from SAST tools (SQL injection, XSS, command injection, etc.)
- Provides structured JSON output with verdict, confidence, CWE IDs, severity, and remediation
- Understands framework-specific safe patterns (React, Django, Express, Rails, etc.)
- Supports taint analysis reasoning (source-to-sink tracking)
Vulnerability Categories
CRITICAL: SQL Injection (CWE-89), Command Injection (CWE-78), Deserialization (CWE-502), Hardcoded Secrets (CWE-798), Code Injection (CWE-94)
HIGH: XSS (CWE-79), Path Traversal (CWE-22), SSRF (CWE-918), Timing Attacks (CWE-208), Buffer Overflow (CWE-120)
MEDIUM: Weak Crypto (CWE-327), Insecure Random (CWE-330), Information Disclosure (CWE-200), Missing Auth (CWE-306)
Usage with Ollama
# Pull the model
ollama pull kon-security/kon-security-v5
# Or create from GGUF
ollama create kon-security-v5 -f Modelfile
# Run
ollama run kon-security-v5
Example Prompt
<|im_start|>system
You are an expert security code reviewer...
<|im_end|>
<|im_start|>user
Analyze this code for SQL injection:
query = f"SELECT * FROM users WHERE id = {user_id}"
<|im_end|>
<|im_start|>assistant
Example Response
{
"verdict": "TRUE_POSITIVE",
"is_vulnerable": true,
"confidence": 0.97,
"cwe_ids": ["CWE-89"],
"severity": "CRITICAL",
"reasoning": "f-string interpolates user_id directly into SQL query without parameterization",
"remediation": "cursor.execute('SELECT * FROM users WHERE id = ?', (user_id,))"
}
System Prompt
The model is fine-tuned with the following system prompt baked in:
You are an expert security code reviewer specializing in identifying true
vulnerabilities and eliminating false positives. You analyze code with deep
understanding of security patterns across all languages and frameworks.
CRITICAL RULES:
1. Parameterized queries (?, $1, %s, :param) = SAFE from SQL injection
2. textContent, createTextNode = SAFE from XSS
3. React JSX {variable} = SAFE from XSS (React auto-escapes)
4. subprocess.run([list, args]) without shell=True = SAFE from command injection
5. json.loads/JSON.parse = SAFE (cannot execute code)
6. secure_filename() from werkzeug = SAFE from path traversal
7. bcrypt/argon2/scrypt for password hashing = SAFE
8. HMAC.compare_digest/timingSafeEqual = SAFE from timing attacks
9. DOMPurify.sanitize() = SAFE from XSS
10. MD5/SHA1 for non-security purposes (checksums, cache keys) = SAFE
11. Test files testing security scanners = SAFE
12. Environment variables for secrets = SAFE (not hardcoded)
13. ORM methods (Django .filter(), Rails .where(hash), SQLAlchemy) = SAFE from SQLi
14. Content-Security-Policy, helmet(), CORS allowlists = SAFE
Integration with Kon Security Scanner
This model is the default LLM for the Kon Security Scanner, providing:
- SAST finding validation and FP reduction
- CWE ID mapping
- Severity assessment
- Remediation suggestions
from kon.core.ollama_analyzer import OllamaAnalyzer
analyzer = OllamaAnalyzer(model="kon-security-v5:latest")
result = analyzer.analyze_finding_enhanced(
code_snippet="query = f'SELECT * FROM users WHERE id = {user_id}'",
vulnerability_type="SQL Injection",
file_path="app/db.py",
line_number=42
)
print(result.verdict) # TRUE_POSITIVE
Training Details
- Method: QLoRA (4-bit quantization-aware fine-tuning)
- Base: Qwen2.5-Coder-7B-Instruct
- Dataset: Curated security code review examples covering 20+ CWE categories
- Hardware: NVIDIA GPU with CUDA support
- Quantization: Q4_K_M via llama.cpp
License
Apache 2.0 (same as base model)
- Downloads last month
- 4
Hardware compatibility
Log In
to add your hardware
4-bit
Model tree for Vasanth155/kon-security-v5
Evaluation results
- Accuracyself-reported98.100
- F1 Scoreself-reported0.990
- False Positive Rateself-reported0.000
- JSON Complianceself-reported100.000