Cisco Releases Open-Source Security LLM for SOCs

Cisco's Foundation AI team released and open-sourced the 8-billion-parameter Llama-3.1-FoundationAI-SecurityLLM-1.1-8B-Instruct (Foundation-sec-8b-instruct), trained on an offline cybersecurity dataset and demonstrated at Black Hat Europe NOC/SOC in London. Integrated into Cisco XDR via workflows and playbooks, the model summarizes alerts, maps MITRE ATT&CK TTPs, traces attack paths, and drafts incident reports to accelerate SOC triage and investigations.