At Kindo, we’ve long believed that DevSecOps professionals and those learning the trade need an AI model built specifically for them—an AI that’s not only capable of parsing code and configurations but also unafraid to tackle the thornier tasks of vulnerability discovery and exploitation. That’s exactly why we built WhiteRabbitNeo—the first cybersecurity AI launched way back in December of 2023 that can handle everything from scanning infrastructure-as-code for subtle misconfigurations to simulating attack scenarios on live systems. Today, we’re excited to announce our biggest leap forward yet: WhiteRabbitNeo V3. 

What Makes WhiteRabbitNeo Different?

An Accessible Open Weight Domain-Specific Model for Real DevSecOps Tasks
Unlike generic chatbots, WhiteRabbitNeo is trained on a vast corpus of DevOps and SecOps data—including vulnerability management, incident response, malware analysis, infrastructure as code, and more. We’ve worked with hundreds of thousands of users across 1,400 enterprises to understand real-world usage to shape the focus of WhiteRabbitNeo v3 training. The result: a 7B-parameter open-weight model that thinks like a DevOps and SecOps engineer because it was raised on security and IT operations data. 

Uncensored, Offensively and Defensively
When red teams need to write a script that exploits a newly discovered CVE, they won’t hit a wall of “I’m sorry, but I can’t help with that.” WhiteRabbitNeo embraces these dual-use scenarios responsibly, empowering red-teamers to help defend their systems. Whether it’s generating a proof-of-concept exploit or suggesting a secure patch, V3 provides the range of actions real teams need—without moralizing or refusing crucial tasks. Your security posture isn’t purely defensive, so your AI shouldn’t be either.

Under the Hood: A Taxonomy of Knowledge

At the core of WhiteRabbitNeo’s success lies our taxonomy-based training approach. While other LLMs memorize stacks of random text, WhiteRabbitNeo V3 tackles progressively complex security and operations tasks, moving from rote memorization to conceptual application of knowledge. By escalating difficulty and depth—from “greenfield code writing” to “pinpoint the root cause buried in a misconfigured Terraform file”—the model gains a kind of practical intuition. We call it taxonomy-informed fine-tuning, and it’s why WhiteRabbitNeo V3 consistently outperforms even larger general-purpose models on DevSecOps tasks.

This approach involved training on over a million supervised Q&A pairs, each sourced from real incidents and usage patterns in web security, malware, infra-as-code, vulnerability databases, and more. We upgraded the base model to a more capable Qwen 2.5 Coder model and systematically expanded its horizons into DevSecOps scenarios. V3 also handles larger contexts more gracefully than its predecessors, letting you feed it sprawling logs and configurations without losing coherence or depth.

Key Advancements in V3

1. Significantly Expanded Knowledge Base
   V3 brings in more domains—web security, malware, container scanning, IOC, vulnerability databases, and advanced threat intelligence—making it a go-to AI for both new and seasoned security teams.
   
   
2. Improved Tool Calling & Agentic Capabilities
   Tool integration in an AI-native platform isn’t just about hooking up an API; it’s about teaching the model to autonomously decide which tool to call and when. WhiteRabbitNeo V3 has made major strides in orchestrating multi-step tasks. It can parse logs, interpret vulnerability reports, synthesize results, and propose next steps, all with minimal human guidance.
   
   
3. Deep Context and Long Conversations
   Where previous versions might have tripped over extended dialogues, V3 keeps a firm grasp on the thread, linking earlier details to later analysis. This is crucial in security investigations that evolve as new data arrives.
   
   
4. Agentic Performance on Cybench
   While WhiteRabbitNeo is designed to be an accessible general purpose cybersecurity and infrastructure AI we ran it against Cybench—a test designed to see how well AI models autonomously solve real cybersecurity capture the flag tasks. WhiteRabbitNeo V3 solved 5% of CTF-style challenges on Cybench—matching or exceeding the performance of models like Llama 3 (70B) that are 10–20x larger. Even more impressive, WhiteRabbitNeo V3 accomplished this on a single A100 GPU. It’s even small enough to run on high-end MacBooks, demonstrating how efficiently it can handle enterprise workloads without a massive GPU cluster or privately on your own hardware.

Real Deployments & Use Cases

WhiteRabbitNeo hasn’t just lived in a lab. Earlier versions of WhiteRabbitNeo have:

• Sped up red-team exercises by autonomously generating exploits and then suggesting fixes.
• Reduced remediation times during incident response by scanning volumes of config data for the true root cause.
• Helped novices at DEF CON compete in CTF challenges by guiding them step-by-step through the hacking lifecycle.

With V3’s expanded domain coverage and improved reasoning, we’re seeing it identify vulnerable Terraform plans, cross-reference exploit databases, and generate both proofs-of-concept and remediation code in minutes. In short, if it’s part of your DevSecOps workflow, WhiteRabbitNeo V3 can probably handle it.

Part of Kindo’s AI-Native Platform

While WhiteRabbitNeo can run standalone, it also serves as the engine that powers the Kindo AI-native platform. Imagine an AI agent that doesn’t just talk about security tasks, but actually executes them—whether it’s patching a misconfiguration, sending real-time alerts, or spinning up ephemeral environments to test code changes. Earlier versions of WhiteRabbitNeo laid the groundwork for that agentic approach; V3 takes it further with a significantly expanded knowledge base and training on DevSecOps tasks, letting your team set broader goals while the AI handles the heavy lifting.

For security engineers working in restricted or air-gapped environments, WhiteRabbitNeo V3’s 7B parameter size and efficient runtime means you can run it completely on-premises. No multi-tenant cloud LLM with heavy censorship. No complicated provisioning of dozens of GPUs. Just the private, domain-specific AI model your enterprise needs.

What’s Next

WhiteRabbitNeo V3 is a major milestone on Kindo’s broader journey toward fully autonomous infrastructure—secure by design, managed by an agent that can read code, fix bugs, respond to threats, and continuously evolve alongside your systems. We’re already hard at work on future versions that will have deeper reasoning, autonomy, integrate with even more tools, and push the limits of real-time security decision-making.

For now, we couldn’t be more proud to ship V3 to our customers, partners, and the wider community. DevOps, SecOps, and beyond—you finally have a model that speaks your language and isn’t afraid to do the dirty work. More importantly, it can do it all with minimal compute, minimal fuss, and maximum practical impact.

If you’d like to see WhiteRabbitNeo V3 in action—or just learn more about how an AI agent can transform your DevSecOps workflow—reach out to us at Kindo. We’ll be happy to show you how we’re making next-gen cybersecurity and infrastructure management a reality.

‍