---
title: CyberSec Models - Advanced Demo
emoji: 🛡️
colorFrom: red
colorTo: purple
sdk: gradio
sdk_version: "5.50.0"
app_file: app.py
pinned: true
license: apache-2.0
tags:
- cybersecurity
- iso27001
- rgpd
- gdpr
- compliance
- rag
- fine-tuned
- streaming
models:
- AYI-NEDJIMI/CyberSec-Assistant-3B
- AYI-NEDJIMI/ISO27001-Expert-1.5B
- AYI-NEDJIMI/RGPD-Expert-1.5B
datasets:
- AYI-NEDJIMI/iso27001
- AYI-NEDJIMI/rgpd-fr
- AYI-NEDJIMI/gdpr-en
- AYI-NEDJIMI/mitre-attack-fr
- AYI-NEDJIMI/owasp-top10-fr
- AYI-NEDJIMI/nis2-directive-fr
---

# 🛡️ CyberSec AI Models - Advanced Demo

**Advanced interactive demo showcasing 3 fine-tuned cybersecurity AI models with RAG and streaming.**

## Features

### 💬 Chat Mode
- Select from 3 specialized models
- Enable RAG (Retrieval-Augmented Generation) for context from 80+ datasets
- Streaming responses (token-by-token generation)
- Adjustable temperature and max tokens
- Multi-turn conversations with full history

### ⚖️ Compare Mode
- Ask the same question to all 3 models simultaneously
- See side-by-side responses
- Identify each model's strengths and specializations
- Compare with or without RAG

### 🔍 RAG (Retrieval-Augmented Generation)
- Semantic search across 80+ cybersecurity datasets
- Top-k document retrieval using sentence-transformers
- Automatic context injection for more accurate, detailed answers
- Sources include: ISO 27001, RGPD/GDPR, MITRE ATT&CK, OWASP, NIS2, and more

## Models

| Model | Base | Parameters | Specialty |
|-------|------|------------|-----------|
| [ISO27001-Expert-1.5B](https://huggingface.co/AYI-NEDJIMI/ISO27001-Expert-1.5B) | Qwen2.5-1.5B-Instruct | 1.5B | ISO/IEC 27001 ISMS implementation, controls, auditing |
| [RGPD-Expert-1.5B](https://huggingface.co/AYI-NEDJIMI/RGPD-Expert-1.5B) | Qwen2.5-1.5B-Instruct | 1.5B | GDPR/RGPD compliance, data protection, DPO guidance |
| [CyberSec-Assistant-3B](https://huggingface.co/AYI-NEDJIMI/CyberSec-Assistant-3B) | Qwen2.5-3B-Instruct | 3B | General cybersecurity, pentesting, SOC, compliance |

All models are fine-tuned with **QLoRA (4-bit quantization)** on specialized cybersecurity datasets.

## Technical Details

- **Fine-tuning method**: QLoRA (LoRA rank=64, alpha=128)
- **Training data**: 80+ bilingual (FR/EN) cybersecurity datasets
- **RAG embedding**: sentence-transformers/all-MiniLM-L6-v2
- **Inference**: CPU with float32 (Hugging Face free tier)
- **Streaming**: TextIteratorStreamer for real-time token generation

## Use Cases

- **ISO 27001 compliance**: Implementation guidance, control selection, audit preparation
- **GDPR/RGPD compliance**: Data protection requirements, DPIA, breach notification
- **Cybersecurity research**: MITRE ATT&CK, OWASP, threat hunting, SOC operations
- **Training & education**: Interactive Q&A for cybersecurity professionals
- **Compliance assessment**: Compare regulatory frameworks (NIS2, DORA, AI Act)

## Performance Notes

⚠️ **Running on CPU**: First response takes 30-60 seconds while models load. Subsequent responses are faster but still slower than GPU inference.

💡 **Tip**: The 1.5B models (ISO27001 and RGPD) are more responsive on CPU. The 3B model may be slower.

## Author

**Ayi NEDJIMI** - Senior Offensive Cybersecurity & AI Consultant

- 🌐 [Website](https://www.ayinedjimi-consultants.fr)
- 💼 [LinkedIn](https://www.linkedin.com/in/ayi-nedjimi)
- 🐙 [GitHub](https://github.com/ayinedjimi)
- 🐦 [Twitter/X](https://x.com/AyiNEDJIMI)
- 🤗 [HuggingFace Collection](https://huggingface.co/collections/AYI-NEDJIMI/cybersec-ai-portfolio-datasets-models-and-spaces-699224074a478ec0feeac493)

## License

Apache 2.0