Qwen3.6-27B BlueTeam v5

Defensive security LLM fine-tuned from Qwen/Qwen3.6-27B using QLoRA on the blueteam-comprehensive-v5 dataset.

Produces detection queries, investigation chains, remediation guidance, and defensive strategies with concrete tool commands across Splunk, KQL, Kusto, PowerShell, Sigma, YARA, Zeek, and more.

Training: 2,298 records / 256 val, loss 0.208, 2 epochs, A100-40GB (2.5h)

Files

File Size Description
blueteam-v5-Q4_K_M.gguf 15.4 GB Main model -- standalone inference
blueteam-v5-mtp-Q4_K_M.gguf 1.9 GB MTP draft head -- for speculative decoding

Inference

Standalone

llama-server -m blueteam-v5-Q4_K_M.gguf -c 2048 -ngl 30

With MTP Speculative Decoding

llama-server -m blueteam-v5-Q4_K_M.gguf --model-draft blueteam-v5-mtp-Q4_K_M.gguf --spec-type draft-mtp -c 2048 -ngl 30

Training Dataset: blueteam-comprehensive-v5

Generated from 714 red-team skills with multi-language detection coverage:

Category Languages/Tools
SIEM Queries Splunk SPL, KQL (Azure Sentinel), Kusto
Endpoint Detection PowerShell, Sigma rules, YARA
Network Detection Zeek scripts, Suricata rules, Wireshark filters
Cloud Forensics AWS CloudTrail, Azure Monitor, GCP Audit Log
EDR Hunting Velociraptor artifacts, Wazuh queries

Phase-based chain classification (see also: recon, exploit, priv esc, persist, post-exploit).

Related Models

Downloads last month
53
GGUF
Model size
27B params
Architecture
qwen35
Hardware compatibility
Log In to add your hardware

3-bit

4-bit

Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support

Model tree for RedTeamLab/Qwen3.6-27B-blueteam-v5

Base model

Qwen/Qwen3.6-27B
Quantized
(545)
this model