I Fine-Tuned a Security Reasoning Model That Runs on a 4GB Laptop (No GPU, No Cloud)

The Problem: Security AI Needs to Stay On Your Machine Every time you paste a suspicious log, a CVE description, or an internal config into a cloud LLM, that data leaves your machine. For security work red team engagements, incident response, air-gapped environments that's a real problem. You can't send client data to an API. You can't pipe internal logs to OpenAI. But local security models have been terrible. They either: Require expensive hardware (A100, 80GB VRAM) Don't reason they pattern-match and hallucinate CVE numbers Have no training signal for the AI-native threats that actually matter in 2025–2026 So I built one that doesn't have those problems. What I Built security-slm-unsloth-1.5b a fine-tuned DeepSeek-R1-Distill-Qwen-1.5B model that: Runs offline on a 4GB RAM laptop, CPU only Thinks before it answers 100% chain-of-thought ( <think> ) activation Covers 2026 AI-native attack classes: MCP tool poisoning, Crescendo jailbreaks, agentic lateral movement, LLM-assisted SSRF Ship