Liberty91
A massive cargo vessel at dusk guided into a narrow harbour entrance by one small pilot boat under warm orange lights, representing a powerful model steered by human judgement
Education7 min read

LLMs in Cybersecurity: Where AI Helps in Threat Intelligence, and Where It Does Not.

Large language models are genuinely good at the high-volume, checkable parts of threat intelligence and genuinely weak at the parts that need judgement. They help most with collection, summarising long reports, extracting indicators and techniques from prose, mapping activity to ATT&CK, translating between formats, and drafting first-pass products. They should not be trusted with the final attribution call, deciding what matters to your organisation, novel reasoning about an actor's intent, or anything that runs on human relationships, and they will sometimes state a wrong answer with complete confidence. The reliable pattern is to let the model do the roughly eighty per cent that is mechanical and verifiable, and keep a human on the twenty per cent that carries consequences. Used that way, an LLM is a force multiplier; used as an oracle, it is a liability.

This guide maps both sides: where LLMs help in CTI, where they fail, why the failures happen, and how to get the upside without the risk.

A quick definition, because the terms get muddled

A large language model is a system trained to predict and generate text, which is what lets it read, summarise, and write fluently. Generative AI is the broader category of models that produce new content, including images and audio; an LLM is the text-and-language member of that family. So when people ask whether ChatGPT is an LLM or generative AI, the answer is both: ChatGPT is an application built on a large language model, which is one kind of generative AI. Keeping that straight matters, because the strengths and the failure modes below come from how these models work, not from the brand on the front of them.

Where LLMs genuinely help

The case for LLMs in CTI is strong, as long as you point them at the right work.

A combine harvester working a vast field at night with its header lit in warm orange and long harvested rows behind it, while a single farmer's truck waits at the field edge, representing machines doing the high-volume work under human oversight

They are excellent at collection and triage, reading the firehose of feeds, blogs, and advisories and surfacing what is relevant so an analyst is not the filter. They are excellent at summarising, turning a long vendor report or a sprawling forum thread into a tight brief in seconds. They are very good at extraction, pulling indicators of compromise, ATT&CK techniques, named actors, and affected sectors out of unstructured text and into structured records. They are good at translation between formats, converting a finding into STIX or a blocklist, and at drafting, producing a first-pass report tailored to an audience that a human then edits. They are also a capable assistant for detection engineering, proposing a Sigma, YARA, or KQL rule from a described behaviour for an engineer to review and test.

What these have in common is that the output is checkable and the task is high-volume. That is exactly the profile of work that eats an analyst's day, and it is the 80/20 problem in CTI: most of the time goes to mechanical work, leaving too little for judgement. LLMs are the lever that flips that ratio.

Where LLMs fail, and why

The failures are not random; they follow from how the models work, so they are predictable enough to design around.

A desert highway at golden hour with a shimmering mirage of a glowing oasis city on the horizon and a single car stopped at the roadside, representing a confident answer that looks real and is not

A model with no grounding answers from what it absorbed in training, which may be out of date, incomplete, or simply wrong, and it knows nothing about your organisation. Ask a general chatbot about a threat actor and you get a plausible summary, not an assessment you can act on. Worse, it will sometimes invent an indicator, a CVE, or an attribution and present it with total confidence, because the model is optimised to produce fluent text, not to know when it does not know. That is the hallucination problem, and in intelligence work a confident wrong answer is more dangerous than an admitted gap.

The deeper limits are about judgement. A model is weak at novel reasoning, the leap that connects two things nobody has connected before, which is often where real intelligence value sits. It cannot make the final attribution call, because attribution rests on weighing messy, partial evidence and being accountable for the conclusion. It cannot decide what matters to your specific organisation without being told. It has no read on an actor's intent beyond the patterns in its text. And it has no access to relationship-based intelligence, the tip from a peer or the trust built in a sharing community, which is frequently the most valuable thing a team has. There is also a bias trap: a fluent, confident model can entrench an analyst's first guess rather than challenge it, which is why the cognitive biases that distort analysis matter more, not less, when an assistant is in the loop.

How to get the upside without the risk

The way to use LLMs safely in CTI is not a single setting; it is a set of habits that compound, and they map directly onto the failures above.

Ground every assessment in provided source material, so the model works from the reporting in front of it and the output stays traceable, rather than drawing on whatever it happened to absorb. Insist on tradecraft, not just summarisation: a source rating, calibrated confidence, and a structured technique like Analysis of Competing Hypotheses turn a paraphrase into an assessment and keep the model from over-claiming. Run a contrarian pass that actively looks for the evidence against the working theory, to counter both the model's confidence and your own bias. And keep a human on anything that carries consequences, reviewing the assessment against its sourcing and confidence and owning the final call. We go deeper on the trade-offs in our hard CTI pills piece, and on the full agent architecture in our guide to AI for threat intelligence.

This is the same eighty-twenty split from a different angle. Let the model carry the mechanical, checkable eighty per cent, and keep judgement on the twenty per cent that decides whether the intelligence is any good. Get that division right and an LLM is the most useful tool a small CTI team has acquired in years. Get it wrong, by treating the model as an oracle whose confident answers are facts, and it will produce mistakes faster than a team can catch them.

Which LLM is best for cybersecurity?

It is the question everyone asks, and it matters less than the architecture around the model. The frontier models are all capable enough that, for CTI work, how the model is grounded, what tradecraft is applied, and whether a human stays in the loop make far more difference to the quality of an assessment than which model sits underneath. A weaker model with good grounding and structured analysis will beat a stronger model used as a bare chatbot. Choose for the things that actually vary in practice: data handling and where your prompts are processed, the ability to call your tools and sources as an agent, and how well it fits the workflow you are building. The model is the engine; the intelligence comes from the system you put around it. If you want to feel the difference in practice, our guide to using Claude Code for threat intelligence shows what one analyst can run with an agent, their own keys, and a pack of CTI skills.

Frequently asked questions.

What is an LLM in cyber security?

A large language model is an AI system trained to read and generate text, used in security to summarise reports, extract indicators and techniques from prose, draft assessments and detection rules, and triage large volumes of source material. It is strong at high-volume, checkable language work and weak at judgement, so it is best used to do the mechanical parts of analysis while a human keeps the final call.

Is ChatGPT an LLM or generative AI?

Both. ChatGPT is an application built on a large language model, and a large language model is one kind of generative AI, the kind that works with text and language. Generative AI is the broad category that also covers image and audio generation; the LLM is the language member of that family.

Where do LLMs help most in threat intelligence?

In the high-volume, checkable work: collection and triage across many sources, summarising long reports, extracting indicators and ATT&CK techniques, converting findings to formats like STIX, drafting first-pass reports, and proposing detection rules for an engineer to review. These are the mechanical tasks that consume most of an analyst's time, so automating them frees the most judgement time.

Where do LLMs fail in threat intelligence?

In judgement and trust: the final attribution call, novel reasoning about intent, deciding what matters to your specific organisation, and relationship-based intelligence. They also hallucinate, sometimes stating an invented indicator or attribution with full confidence, and they can entrench an analyst's bias rather than challenge it. These are the parts that need a human to be accountable for the conclusion.

Which LLM is best for cyber security?

It matters less than the system around it. The frontier models are all capable enough for CTI that grounding, tradecraft, and keeping a human in the loop drive assessment quality far more than the choice of model. A well-grounded weaker model beats a stronger one used as a bare chatbot. Choose mainly for data handling, the ability to call your tools and sources, and workflow fit.

Can I just ask ChatGPT about a threat actor?

You can, but you will get a plausible summary from training data that may be out of date or wrong and knows nothing about your organisation, not an assessment you can act on. A real CTI setup grounds the answer in current sources, contextualises it with knowledge that tracks the actor continuously, applies tradecraft like source rating and calibrated confidence, and keeps an analyst on the final call.

How do you stop an LLM from hallucinating in CTI?

You cannot eliminate it, but you can contain it: ground every assessment in provided sources so it stays traceable, supply current sourced context so events are judged against what is known, apply source rating and calibrated confidence so the model cannot over-claim, run a contrarian pass to hunt disconfirming evidence, and keep a human reviewing anything that carries consequences. No single guardrail is enough; together they make the output checkable.

Put this to work on your own threats.

A free tier of Liberty91 is on the way, so any analyst can put AI-powered threat intelligence to work with no budget and no team. Register your interest now to be first in line when it opens, or grab our free, open-source CTI Skills for your AI coding agent today.

Ready to do more with less?

Request a demo or start your free trial today. Get instant access to AI-powered threat intelligence tailored to your organisation.