Published originally on December 3, 2025 by Cody Pierce on Forbes.
Cody Pierce is the CEO and founder of Neon Cyber. He has 25 years of experience in cybersecurity and a passion for innovation.
Large language models (LLMs) have captured the world’s imagination since OpenAI released GPT-2 in 2019, scaling the generative pretrained transformer architecture to more than 1 billion parameters. The possibilities of LLMs have unleashed thousands of models, hundreds of new companies and a paradigm shift in technology. The buzz centers on so-called “foundation” models, generally containing billions of parameters, from decacorns like OpenAI, Anthropic and Perplexity. These models highlight the power of AI trained on global knowledge bases and applied to question-and-answer, coding and reasoning tasks.
...
LLMs are complex, require significant money and computing power, and are a poor choice for solving specialized problems. Agentic AI is an important step toward honing large models on task-specific problems, but assuming it solves the general-purpose problem is shortsighted. We can have our cake and eat it too when we reframe our AI journey to include both large language models and small language models (SLMs).
...
An Introduction To Small Language Models
Just like their larger counterparts, SLMs use the same underlying transformer architecture but store far less information. These models typically operate with hundreds of millions of parameters or fewer, which makes them easier to train, faster at inference and simpler to deploy across cloud, edge and even endpoint devices. The trade-off is breadth of general knowledge, but that narrowness is also their power.
If the problem you are trying to solve is specific, an SLM can be designed exclusively for that solution. It may not feel as magical as the massive knowledge available in an LLM, but that’s the point. With an SLM, you can fine-tune an existing model to perform individual tasks with expert-level understanding and deploy it readily on existing systems.
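The core mechanic of fine-tuning a pretrained model for one narrow task can be sketched in a few lines. This is a deliberately simplified, hypothetical illustration using PyTorch: a frozen "pretrained" encoder with random weights stands in for an SLM's body (in practice you would load real weights, for example from Hugging Face), and only a small task-specific head is trained on synthetic data. Every name and number here is illustrative, not from the article.

```python
import torch
import torch.nn as nn

torch.manual_seed(0)

# Stand-in for a pretrained small model's body. Random weights keep the
# sketch self-contained; a real workflow would load pretrained weights.
encoder = nn.Sequential(nn.Linear(32, 64), nn.ReLU())
for p in encoder.parameters():
    p.requires_grad = False  # freeze the base: fine-tune only the head

head = nn.Linear(64, 2)  # small task-specific classification head

# Synthetic "task" data: the label is recoverable from the first feature.
x = torch.randn(200, 32)
y = (x[:, 0] > 0).long()

opt = torch.optim.Adam(head.parameters(), lr=1e-2)
loss_fn = nn.CrossEntropyLoss()

def step() -> float:
    """One optimization step on the head; the encoder stays fixed."""
    opt.zero_grad()
    logits = head(encoder(x))
    loss = loss_fn(logits, y)
    loss.backward()
    opt.step()
    return loss.item()

initial_loss = step()
for _ in range(100):
    final_loss = step()

print(f"loss: {initial_loss:.3f} -> {final_loss:.3f}")
```

Freezing the base and training only a small head is one common fine-tuning recipe; full fine-tuning and parameter-efficient methods such as LoRA are alternatives, and which one fits depends on the task and compute budget.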
...
Take my area of expertise, cybersecurity, as an example. We needed a solution that could classify web pages to detect phishing attacks. While LLMs can do that reasonably well, deploying them, managing costs and ensuring accuracy would be a nightmare. Instead, we turned to SLMs because our memory, deployment and inference requirements make LLMs a nonstarter, and we've never looked back.
...
For our cybersecurity use case, our phishing SLM is trained in-house and deployed to every customer's browser, providing a powerful defense while remaining private, secure and cost-effective. Tens of thousands of web pages are classified daily across customers, a feat that would be impossible if we relied solely on LLMs.
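To make the classification idea concrete, here is a minimal, self-contained sketch of a learned phishing detector. It is emphatically not the author's SLM: a tiny logistic regression over a few hand-crafted URL features stands in for a real model, and the feature choices and training examples are invented for illustration only.

```python
import math

def features(url: str) -> list[float]:
    """Hand-crafted, illustrative URL features (a real SLM would instead
    learn representations from the page content itself)."""
    return [
        1.0,                                                      # bias term
        min(len(url) / 100.0, 1.0),                               # very long URLs
        1.0 if "@" in url else 0.0,                               # '@' hides the real host
        1.0 if any(k in url for k in ("login", "verify", "secure")) else 0.0,
        min(url.count(".") / 5.0, 1.0),                           # many subdomains
    ]

# Tiny invented training set: (url, label) with 1 = phishing.
DATA = [
    ("https://example.com/", 0),
    ("https://news.example.org/article", 0),
    ("https://docs.example.com/guide", 0),
    ("http://secure-login.example-payments.com.evil.io/verify?acct=1", 1),
    ("http://example.com@evil.io/login", 1),
    ("http://verify-account.example.banking.update.evil.io/secure", 1),
]

def train(data, epochs: int = 500, lr: float = 0.5) -> list[float]:
    """Plain stochastic gradient descent on the logistic loss."""
    w = [0.0] * 5
    for _ in range(epochs):
        for url, y in data:
            x = features(url)
            p = 1.0 / (1.0 + math.exp(-sum(wi * xi for wi, xi in zip(w, x))))
            g = p - y  # gradient of the log loss w.r.t. the logit
            w = [wi - lr * g * xi for wi, xi in zip(w, x)]
    return w

def is_phishing(url: str, w: list[float], threshold: float = 0.5) -> bool:
    z = sum(wi * xi for wi, xi in zip(w, features(url)))
    return 1.0 / (1.0 + math.exp(-z)) > threshold

w = train(DATA)
print(is_phishing("http://login-verify.example.evil.io/secure", w))
print(is_phishing("https://example.com/about", w))
```

The point of the sketch is the deployment shape, not the model: a few kilobytes of weights and a cheap forward pass per page is what makes per-browser, per-page classification tractable in a way a remote LLM call is not.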
Learn more about SLMs and read the full article on Forbes.