---
base_model: google/gemma-4-e2b-it
tags:
- text-generation-inference
- transformers
- gemma4
- trl
- peft
- cybersecurity
- devsecops
- security
- lora
license: apache-2.0
language:
- en
---

# Gemma 4 E2B — Cybersecurity Interview Expert

A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **deep, production-level cybersecurity knowledge**. This model answers technical security interview questions with precision, concrete examples, and actionable recommendations.

---

## Model Details

| Property | Value |
|---|---|
| **Base model** | google/gemma-4-e2b-it (2B parameters) |
| **Fine-tuning method** | QLoRA (rank 16, α 16) |
| **Trainable parameters** | 31M / 5.15B (0.60%) |
| **Training data** | 646 curated cybersecurity interview Q&A pairs |
| **Epochs** | 3 |
| **Final training loss** | 0.574 |
| **License** | Apache 2.0 |

---

## Expertise & Capabilities

This model demonstrates expert-level knowledge across the full spectrum of modern cybersecurity:

### Cloud & Container Security

- Docker security hardening (rootless containers, capabilities, seccomp, AppArmor)
- Kubernetes RBAC, Pod Security Standards, network policies, admission controllers
- AWS IAM least-privilege design, ECR image scanning, Terraform security patterns
- Cloud-native threat modeling and attack surface reduction

### DevSecOps & CI/CD

- Secure pipeline design (ArgoCD, GitHub Actions, GitLab CI)
- Supply chain security: SLSA, SBOM, sigstore/cosign, dependency verification
- Secrets management (Vault, AWS Secrets Manager, SOPS)
- Infrastructure-as-Code security scanning (Checkov, tfsec, Terrascan)

### Application & Secure Coding

- OWASP Top 10 — root cause analysis and remediation
- Injection attacks (SQL, command, LDAP, template), XSS, SSRF, deserialization
- Authentication & authorization: OAuth 2.0, OIDC, JWT, PKCE, session security
- Cryptography: TLS configuration, key management, algorithm selection

### Threat Intelligence & Offensive Security

- SOC operations, SIEM correlation rules, threat hunting
- MITRE ATT&CK mapping and adversary emulation
- Active Directory attack paths (Kerberoasting, Pass-the-Hash, DCSync)
- Red team tactics and purple team collaboration

### Emerging & Specialized Domains

- AI/LLM security: prompt injection, model poisoning, guardrail bypasses
- OT/ICS/SCADA security: Purdue model, IEC 62443, air-gap strategies
- Blockchain & smart contract auditing (reentrancy, overflow, access control)
- Digital forensics, incident response, and malware analysis

---

## Usage

```python
from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch

base_model = "google/gemma-4-e2b-it"
adapter = "rezaduty/gemma4-e2b-cybersecurity-interview"

# Load the tokenizer from the adapter repo and the weights from the base model.
tokenizer = AutoTokenizer.from_pretrained(adapter)
model = AutoModelForCausalLM.from_pretrained(
    base_model,
    torch_dtype=torch.bfloat16,
    device_map="auto",
)

# Attach the LoRA adapter on top of the base model.
model = PeftModel.from_pretrained(model, adapter)

messages = [
    {
        "role": "system",
        "content": [{"type": "text", "text": (
            "You are an expert cybersecurity engineer specializing in DevSecOps, "
            "container security, and cloud-native security. Answer technical interview "
            "questions with depth, precision, and concrete examples."
        )}]
    },
    {
        "role": "user",
        "content": [{"type": "text", "text": "Explain why running Docker containers as root is a security risk and how to fix it."}]
    },
]

# Render the chat template and tokenize the prompt.
inputs = tokenizer.apply_chat_template(
    messages,
    tokenize=True,
    add_generation_prompt=True,
    return_tensors="pt",
).to(model.device)

output = model.generate(
    input_ids=inputs,
    max_new_tokens=512,
    temperature=0.7,
    top_p=0.9,
    use_cache=True,
)

# Decode only the newly generated tokens, skipping the prompt.
print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))
```

---

## Training Dataset

Covers 15 curated topic domains across 646 high-quality question/answer pairs:

- Container & Kubernetes security
- Cloud IAM, ECR, Terraform security
- CI/CD and ArgoCD pipeline security
- AI/LLM security
- DevOps patterns and security tooling
- Secure coding (OWASP, injection, crypto)
- SOC operations and threat intelligence
- Active Directory and red team techniques
- Software architecture and design security
- Authentication, identity, and supply chain
- OT/ICS/SCADA security
- Blockchain and smart contract security
- OS hardening, cloud SaaS, and forensics

---

## System Prompt

For best results, use this system prompt:

```
You are an expert cybersecurity engineer specializing in DevSecOps, container security, and cloud-native security. Answer technical interview questions with depth, precision, and concrete examples.
```

---

## Developed by

[rezaduty](https://huggingface.co/rezaduty)