AIAny
Icon for item

Cybersecurity Defense Instruction-Tuning Dataset (Fenrir v2.1)

Provides 99,870 system/user/assistant chat triples for defensive cybersecurity instruction‑tuning, with built‑in refusal patterns and mapping to OWASP, MITRE ATT&CK, NIST, and CIS standards; Apache‑2.0 licensed.

Introduction

Most public security content focuses on exploits; this dataset takes the opposite approach: it supplies high‑quality, defensive chat triples engineered for safe, alignment‑aware instruction‑tuning of LLMs used in security contexts. The dataset emphasizes mitigations, detection, and refusal behavior rather than step‑by‑step exploit construction, making it suitable for training models to give practitioner‑level defensive guidance while rejecting malicious or dual‑use requests.

What Sets It Apart
  • Scope and scale: ~99,870 JSONL rows of system/user/assistant triples covering AppSec (OWASP), MITRE ATT&CK, NIST CSF, CIS Controls, cloud (AWS/Azure/GCP), DevSecOps, IAM, modern auth (OAuth2/OIDC/SAML), TLS/crypto, and AI‑security interplay. This size supports instruction‑tuning at production scale without assembling disparate sources.
  • Safe‑by‑design data engineering: multiple automated and manual quality gates (deduplication, PII/profanity scrubbing, hallucination scans) plus adversarial refusal tests and static policy linting to reduce leakage of exploit construction steps. Records include explicit refusal patterns and safer alternatives when topics are dual‑use.
  • Standards mapping & practitioner framing: entries are framed at a senior security engineer level and mapped to recognizable frameworks (OWASP/MITRE/NIST/CIS), which helps models produce responses that cite controls, tradeoffs, and operational actions rather than abstract statements.
  • Production‑friendly format and license: distributed as JSONL chat triples with stable row IDs and an Apache‑2.0 license, easing commercial use and reproducible training pipelines.
Who It's For and Tradeoffs

Great fit if you need a defensively curated instruction‑tuning corpus to align an LLM for security guidance, SIEM/IR explanation, or secure‑coding assistants that must refuse exploit requests. It accelerates building models that can explain mitigations, generate checklists, and map findings to standards.

Look elsewhere if you need red‑team exploit corpora, multilingual coverage (this is English‑only), or raw telemetry/attack traces for detection model training — Fenrir intentionally omits step‑by‑step offensive instructions and focuses on explanation, mitigation, and safe refusals. Also, security guidance ages; plan periodic refreshes and supplement with the latest vendor/standards docs for cutting‑edge attacks.

Information

Categories

More Items

Hugging Face

A collection of ready-to-run Hugging Face Jobs OCR scripts that add a markdown column (or structured JSON) to image datasets, with model switching, layout detection, server-mode serving, and per-model options for table/form extraction.

Hugging Face

Provides 115M public GitHub source files (≈873GB of code, ~1TB uncompressed) with per-file metadata (repo, path, language, license). Supports streaming, language/license filtering and full download for training and evaluating code LLMs and code generation models.

Hugging Face

Provides labeled prompts with full-reference answers (including chain-of-thought and code blocks) and per-example metadata to train edge routing/orchestrator models that decide whether to handle inputs locally or route them to larger models. Includes complexity scores, coding/math flags, routing justifications, and an automated override rule; suited for fine-tuning small models (50M–1.5B) for edge deployment.