You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

nist-gemma4-e4b-GGUF

A compact, multimodal language model fine-tuned for NIST, RMF, and cybersecurity compliance tasks. It is built on Google's Gemma 4 E4B base (text + vision) and distributed in GGUF format for fast, local inference with llama.cpp.

The model is specialized to answer questions and reason about NIST Special Publications (SP 800-53, 800-171, CSF 2.0), the Risk Management Framework (RMF), FedRAMP, OSCAL-based compliance artifacts (SSP / SAP / SAR / POA&M), and related controls, mappings, and assessment material.

Model details

Base model Google Gemma 4 E4B (multimodal: text + vision)
Domain NIST / RMF / cybersecurity compliance
Format GGUF (for llama.cpp)
Fine-tuning QLoRA via Unsloth
License Gemma Terms of Use

Files

File Description
nist-model-merged.Q8_0.gguf Merged weights, Q8_0 quantization (recommended)
nist-model-merged.BF16-mmproj.gguf Vision projector (multimodal mmproj), BF16

Usage

Text-only:

llama-cli -hf kmoore0/nist-gemma4-e4b-GGUF --jinja

Multimodal (text + image):

llama-mtmd-cli -hf kmoore0/nist-gemma4-e4b-GGUF --jinja

Training data

The model was fine-tuned on a corpus of public NIST, RMF, and cybersecurity compliance datasets, grouped below.

Direct NIST / RMF / Compliance

Dataset Scale Description
ethanolivertroy/nist-cybersecurity-training 530,912 rows (596 pubs) Chat-format QA pairs from all SP 800-series, FIPS, and NISTIR publications. CC0.
rkreddyp/nist_800_53 688 rows Question/context/answer triples on 800-53 controls with implementation guidance and responsible roles.
GotThatData/nist-cybersecurity-framework ~2K rows CSF 2.0 categories, subcategories, and implementation examples.
Lexim011/Compliance ~3K rows General GRC compliance Q&A spanning multiple frameworks.
gnomon/hf_fedramp_data FedRAMP structured data FedRAMP-specific control data (800-53 with additional rigor).

SSP / POA&M / Implementation Narratives

Dataset Scale Description
koiakoia/homelab-compliance 18 control families, 30 POA&M items, 276 findings Real OSCAL-based compliance package with SSP, assessment results, and POA&M.
CivicActions/ssp-toolkit ~35 YAML files OpenControl-format control narratives for real components (AWS, Drupal, SSH).
opencontrol/freedonia-compliance 6 controls / 3 components Small but complete example SSP in OpenControl YAML.
opencontrol/aws-compliance 6 AWS service narratives How AWS services (EC2, IAM, S3, VPC, CloudFormation) satisfy controls.
18F/fedramp-automation SSP/SAP/SAR/POAM OSCAL templates Pre-populated FedRAMP OSCAL templates in XML/JSON/YAML.
FedRAMP/docs Machine-readable requirements JSON Official FedRAMP 20x requirements, definitions, and key security indicators.

Cybersecurity Instruction Tuning

Dataset Scale Description
Trendyol/Cybersecurity-Instruction-Tuning 53,202 rows (200+ domains) Instruction-tuned triplets referencing NIST 800-53, CSF, and ATT&CK. Apache 2.0.
AlicanKiraz0/Fenrir-v2.0 83,920 rows System/user/assistant triples covering NIST CSF, OWASP, CIS Controls, and MITRE ATT&CK.
AlicanKiraz0/All-CVE-Records ~300,000 rows (1999โ€“2025) Every CVE record in conversational format.

Structured Sources

Dataset Scale Description
GovReady 800-53 Rev 5 YAML All Rev 5 controls Every 800-53 Rev 5 control with full text, supplemental guidance, and metadata.
ATT&CK-to-800-53 Mappings 6,300+ maps MITRE ATT&CK techniques mapped to 800-53 Rev 4/5 controls.
MITRE CIS-CCI Mappings CIS โ†” CCI โ†” 800-53 Rev 5 Authoritative CCI-to-control mappings.
ComplianceAsCode/content ~45 profiles, thousands of rules STIG/CIS/PCI-DSS rules in YAML with description, rationale, check, and fix.
opensecurityarchitecture/osa-data 315 controls, 48 patterns, 17K+ edges Security architecture patterns mapped to 800-53, ATT&CK, and threats. CC BY-SA 4.0.
capetron/nist-800-171-controls-matrix 110 requirements 800-171 requirements mapped to 800-53 Rev 5, CMMC 2.0, CIS v8, and ISO 27001.
MITRE ATT&CK STIX Data Full ATT&CK KB Complete MITRE ATT&CK knowledge base in STIX 2.1 JSON.

Intended use & limitations

This model is intended to assist with cybersecurity compliance and RMF documentation โ€” drafting and explaining controls, mappings, and assessment narratives. It is not a substitute for an authorizing official, assessor, or qualified compliance professional. Outputs should be reviewed before use in any official package or decision. As a fine-tuned LLM, it may produce inaccurate or outdated content.


Fine-tuned and exported to GGUF with Unsloth.

Downloads last month
28
GGUF
Model size
8B params
Architecture
gemma4
Hardware compatibility
Log In to add your hardware

8-bit

Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support