ThreatMon today announced the launch of its official Hugging Face repository, marking the company’s first step toward contributing cybersecurity-focused AI models, datasets, and research resources to the broader AI and threat intelligence communities.
As part of this initiative, ThreatMon is releasing its first public model, qwen36-secura, a cybersecurity-focused AI model built on the Qwen3.6 architecture and designed for threat intelligence, SOC operations, threat hunting, DFIR, and vulnerability analysis workflows.
The launch reflects ThreatMon’s commitment to advancing the intersection of artificial intelligence and cybersecurity by making high-quality, domain-specific resources more accessible to researchers, practitioners, and organizations worldwide.
While recent advances in large language models have transformed many industries, cybersecurity continues to require specialized knowledge, structured reasoning, and deep understanding of threat intelligence frameworks, vulnerability data, and adversary behavior.
qwen36-secura was developed to address these challenges through domain adaptation and cybersecurity-focused training. The model is designed to support a wide range of security use cases, including:
The model was trained using a two-phase approach. The first phase focused on continued pre-training using a curated cybersecurity corpus assembled from authoritative security knowledge sources. The second phase focused on reasoning-oriented fine-tuning for tasks such as CVSS scoring, CWE mapping, ATT&CK technique extraction, and threat intelligence question answering.
In internal evaluations using CTIBench, qwen36-secura demonstrated strong performance across multiple cybersecurity tasks.
Key results include:
Notably, the model achieved a higher combined CTIBench score than GPT-5.4 and Gemini 3.5 Flash, while also delivering significantly stronger ATT&CK extraction performance and perfect CVSS output reliability.
qwen36-secura is released under the Apache 2.0 license and can be fully self-hosted, enabling organizations to deploy the model within their own environments while maintaining control over sensitive data, workflows, and infrastructure.
ThreatMon believes meaningful progress in cybersecurity AI requires collaboration between researchers, defenders, and the open-source community. The company’s Hugging Face repository has been established with this principle in mind.
The release of qwen36-secura represents the first milestone in ThreatMon’s broader AI initiative.
Going forward, ThreatMon plans to publish additional cybersecurity-focused models, curated datasets, evaluation resources, and technical research designed to advance both cyber defense capabilities and the application of AI in security operations.
By making these resources publicly available, ThreatMon aims to support practitioners, researchers, and organizations working to strengthen cybersecurity through open and accessible AI technologies.
This repository will serve as the central hub for ThreatMon’s future AI contributions, providing the community with models, datasets, and research artifacts that help bridge the gap between cybersecurity expertise and modern AI capabilities.
https://huggingface.co/ThreatMon/qwen36-secura
Share: