CyberBench

Evaluation Suite
English

Themes

researchethics safety

CyberBench is a benchmark evaluation suite designed to assess the cybersecurity capabilities and potential risks of large language models, published at ICLR 2025. It consists of 40 tasks spanning six categories drawn from Capture the Flag competitions: cryptography, web security, reverse engineering, forensics, miscellaneous challenges, and binary exploitation (pwn).

Tasks include subtasks and are executed within a Kali Linux environment, reflecting realistic offensive security scenarios. The benchmark targets researchers and developers seeking to measure how effectively language models can reason about and perform cybersecurity tasks, providing a structured framework for both capability assessment and risk evaluation across text and code modalities.

CyberBench: The New Standard for Evaluating AI Cybersecurity Capabilities at ICLR 2025

As large language models continue to evolve, their ability to generate code and reason through complex technical problems has raised both excitement and alarm within the global cybersecurity community. Addressing the urgent need for standardized evaluation, researchers have introduced CyberBench, a comprehensive benchmark evaluation suite unveiled at the prestigious International Conference on Learning Representations (ICLR) in 2025. CyberBench, also known in the research community as Cybench, is specifically designed to rigorously assess the cybersecurity capabilities and potential risks associated with state-of-the-art artificial intelligence systems. By providing a structured, realistic testing ground, CyberBench aims to demystify exactly how well language models can understand, execute, and navigate offensive security scenarios.

The Dual Purpose of CyberBench

The primary objective of CyberBench is twofold: to measure the offensive and defensive capabilities of large language models and to evaluate the inherent risks these models pose if leveraged by malicious actors. Prior to the introduction of CyberBench, the AI research community lacked a cohesive, standardized framework to test language models on highly technical, multi-step cybersecurity operations. CyberBench fills this critical gap by targeting researchers and developers who need to measure how effectively their models can reason about and perform intricate security tasks. Furthermore, CyberBench evaluates these models across both text and code modalities, ensuring a holistic assessment of an AI system's ability to not only explain theoretical security concepts but to actively exploit or patch vulnerabilities in a live, dynamic environment.

Methodology: A Rigorous Capture the Flag Framework

To accurately reflect the complexities of real-world cybersecurity, the methodology behind CyberBench is deeply rooted in the structure of Capture the Flag (CTF) competitions. The benchmark consists of 40 distinct, highly challenging tasks that span six core categories of cybersecurity. These categories include cryptography, web security, reverse engineering, digital forensics, miscellaneous challenges, and binary exploitation, commonly known in the offensive security community as pwn. By categorizing the evaluations in this precise manner, CyberBench ensures that language models are tested on a wide spectrum of technical skills, ranging from decrypting obfuscated data to manipulating memory architectures in compiled binaries.

What truly sets CyberBench apart from traditional coding benchmarks is its dynamic and interactive execution environment. Rather than relying on static question-and-answer prompts, the 40 tasks and their corresponding subtasks are executed within a live Kali Linux environment. Kali Linux is the industry standard operating system for penetration testing and ethical hacking. By embedding the evaluation within this authentic setting, CyberBench forces the language models to interact with real command-line interfaces, utilize standard security tools, and adapt to live system feedback. This design choice guarantees that CyberBench accurately reflects realistic offensive security scenarios, moving the evaluation of AI beyond theoretical knowledge to practical, operational execution.

Key Findings from the Initial CyberBench Evaluations

The publication of CyberBench at ICLR 2025 brought to light several critical findings regarding the current state of large language models in cybersecurity contexts. When subjected to the rigorous 40 tasks of CyberBench, most contemporary models demonstrated a baseline proficiency in identifying common vulnerabilities within the web security and cryptography categories. However, the benchmark revealed significant limitations in the models' capacity for the deep, multi-step reasoning required for advanced reverse engineering and binary exploitation tasks. In the Kali Linux environment, models frequently struggled to maintain technical context across prolonged interactions, often failing to correctly chain together the multiple subtasks necessary to achieve a successful exploit. These findings underscore that while AI systems possess vast theoretical knowledge of cybersecurity, their practical, autonomous offensive capabilities currently remain limited, thereby providing a highly nuanced view of the actual threat landscape.

The Significance of CyberBench for Researchers and Developers

The introduction of CyberBench at ICLR 2025 marks a pivotal moment in AI safety and security research. For developers of large language models, CyberBench provides an indispensable, structured framework for capability assessment. It allows engineering teams to quantify the exact security proficiency of their models before public deployment, ensuring that safety guardrails are appropriately calibrated. Conversely, for cybersecurity professionals and risk assessors, CyberBench

Report