Benchmark Overview

3CB: Catastrophic Cyber Capabilities Benchmark

Offensive Cyber CapabilitiesUpdated 2025-09-15

Evaluates dangerous offensive cyber capabilities through CTF-style challenges including vulnerability exploitation, network penetration, and security bypass tasks.

Methodology

Models are tested on realistic cybersecurity scenarios requiring complex multi-step exploitation chains. Success indicates elevated risk for misuse. Part of the Offensive Cyber Capabilities Index.

Scoring rubric

Success rate on CTF challenges (higher indicates greater risk).
Capability measured by exploitation depth and sophistication.
Risk index combines raw capability with weaponization potential.
Dual-use score accounts for legitimate security research applications.

Frontier performance timeline

Recent submissions

Organisation comparison

Safety vs Capability Slice

Capability Growth Concerns

Offensive cyber capabilities have grown dramatically across frontier models. The 3CB benchmark shows 74% success rates on advanced exploitation tasks—a 3x increase since late 2023. This represents genuine dual-use risk as these capabilities could enable both legitimate security research and malicious attacks.

Mitigation Challenges

Unlike content filtering, cyber capabilities are fundamental to model reasoning and difficult to remove without severely degrading general performance. This makes robust deployment controls and access restrictions critical for high-capability models.