DeepSeek: Is it a Powerful Ally or a Privacy Nightmare for Cybersecurity Companies?

DeepSeek, a China-based large language model (LLM), is making waves globally and growing faster than ChatGPT. It shows exceptional performance, scalability, and flexibility and is way more affordable than its rivals.

Contrary to the idea that developing advanced LLMs requires a lot of resources, DeepSeek did it for just US$6 million. Within days, it outranked ChatGPT to become the most downloaded app in the US.

Cybersecurity companies can use AI-powered solutions like DeepSeek to automate security tasks, improve threat intelligence, and create better incident response plans.

On the flip side, DeepSeek involves certain security and privacy concerns, which can change the game if you belong to the cybersecurity industry.

So, if you are wondering whether you should use DeepSeek in your workflow or not, this article aims to guide you.

What Is DeepSeek?

DeepSeek is a China-based artificial intelligence startup that has been making waves globally for its innovative AI models, such as DeepSeek-R1. It was launched in 2023 by Liang Wenfeng who is also a co-founder of a Chinese hedge fund, High-Flyer, which owns DeepSeek.

The company primarily develops open-source large language models (LLMs) and provides various services, such as a mobile app and a web interface for its models. It released its first model in November 2023 and kept on reiterating. But it was only R1 that gave DeepSeek worldwide fame after its release in January 2025.

According to the reports, the DeepSeek-R1 model is trained at US$6 million. This value is significantly lower than that of its competitors, such as ChatGPT, LLaMa, Gemini, Claude, and Qwen. For example, OpenAI’s GPT-4 cost $100 million in training in 2023 while Meta’s LLaMa uses 10x more computer power than DeepSeek-R1.

Apart from cost, DeepSeek is giving tough competition to its rivals in terms of performance. Contradicting the belief that closed-source AI models can only dominate tech innovation, the reasoning model, DeepSeek-R1 performs excellently, offering faster and accurate responses. Since it’s open-source, anyone can use the source code and modify it to create their AI models and use it for their needs.

Background: What Led to the Birth of DeepSeek?

DeepSeek developed its AI models amid sanctions that the United States imposed on China and many other countries for importing chips for building and training AI models. This move was to curb their ability to create advanced AI models and solutions.

This backfired in the US. Instead of relying on these chips, China turned to the open-source approach. Many companies in China, including DeepSeek, took this approach to speed up innovation and boost AI usage.

Take DeepSeek-R1 for example. The company first released its free chatbot app on January 10 2025 for Android and iOS. In the US alone, DeepSeek-R1 was downloaded more than 2 million times by January 27 2025, dethroning ChatGPT to become the most downloaded free application on the App Store in the country. This caused the “microchip giant”, NVIDIA to lose 18% of its share price.

This open-source trend is not limited to just China; companies, data centre providers, and academics in Europe have joined hands to develop multilingual, high-performance LLMs – OpenEuroLLM.

These initiatives provide a broader picture of how AI will be built and shaped in the future. This also encourages countries to be self-reliant by creating domestic data centres and AI labs.

DeepSeek’s Large Language Models (LLMs)

DeepSeek has released various generative AI models since its inception in 2023, working on each to make them more advanced, high-performing, and scalable. Let’s explore them one by one:

DeepSeek Coder

DeepSeek Coder was released in November 2023 as the first open-source LLM by the company. It’s created from a series of code language models with each model trained on 2 trillion tokens from scratch. These models comprise 13% natural language in Chinese and English and 87% code.

Coder is best for coding tasks. It supports project-level coding, infilling tasks, and fill-in-the-blank tasks. It performs excellently in various programming languages, such as Python, JavaScript, C#, TypeScript, Java, C++, Bash, and PHP. It’s scalable and flexible, offering different model sizes – 1 billion, 5.7 billion, 6.7 billion, and 33 billion. This means users can choose their preferred model based on their needs.

DeepSeek LLM

DeepSeeK LLM is the first version of DeepSeek’s general-purpose model released in December 2023. It has a similar architecture to that of LLaMa. This advanced LLM has 67 billion parameters and is trained on 2 trillion tokens in Chinese and English. It works excellently in reasoning, math, Chinese comprehension, and coding.

To enhance the variety and richness of datasets, DeepSeek uses multiple methods, such as deterministic randomisation, dataset pruning, and deduplication. Its training data includes content from the internet, books, code, math, self-collected data, etc.

DeepSeek-V2

The company released DeepSeek-V2 in May 2024 as the 2nd version of DeepSeek LLM. This time, it focused on reducing training costs and enhancing performance. The model uses multi-head latent attention (MLA) and the Mixture of Experts (MoE) architectures to offer efficient inference and economical training.

V2 has a total of 236 billion parameters and 21 billion of them are activated for every token. According to the company, V2 offers stronger performance than DeepSeek LLM, reducing 93.3% of (key value) KV cache and improving the maximum generation throughput value by 5.76x. V2 includes:

• 2 base models: DeepSeek-V2 and DeepSeek-V2-Lite
• 2 chatbots: DeepSeek-V2-Chat (SFT) and DeepSeek-V2-Chat
  
  

DeepSeek-Math

Designed for mathematical reasoning, DeepSeek-Math was released in April 2024. It has three variants – Base, Instruct, and RL and is initialised with DeepSeek-Coder-v1.5 7B. It’s pre-trained on a vast number of math tokens, including 500 billion tokens for code data and natural language.

The company claims that it’s similar in performance to that of GPT-4 and Gemini-Ultra. The model solves math problems, proves theorems, and generates self-contained math solutions. It’s also capable of language comprehension, reasoning, and coding.

DeepSeek Coder-V2

DeepSeek Coder-V2 is the next version of Coder. It’s an open-source MoE code language AI model for obtaining superior performance in coding-related tasks. It’s also excellent for reasoning and language comprehension. The company released 4 more models in this series in June 2024:

• V2-Base
• V2-Lite-Base
• V2-Instruct
• V2-Lite-Instruct
  
  

4.2 trillion tokens were used to pre-train the Base models and then initialised. The company further pre-trained the models with 6 trillion tokens and extended the context length to 128K.

DeepSeek-V3

DeepSeek-V3 is a powerful MoE model with a total parameter of 671 billion, of which 37 billion are activated for every token. It uses the multi-head latent attention (MLA) architecture to achieve cost-effective training and efficient inference. It also focuses on enhancing performance with multi-token prediction training and load balancing.

For pre-training, the company used 14.8 trillion high-quality and diverse tokens and methods, such as reinforcement learning (RL) and supervised fine-tuning (SFT). It’s economical, costing just 2.664M H800 GPU hours for pre-training on 14.8 trillion tokens.

DeepSeek-R1

The DeepSeek-R1 model is built on V3 and released in January 2025. It competes directly with top closed-source models, such as Open AI’s GPT o1 in performance and cost. It’s fully open-source and MIT-licensed like other DeepSeek models and comes with a technical report.

Similar to V3, it has 671 billion parameters and 128k context length. R1 works excellently in language comprehension and reasoning. This makes it suitable for tasks like content creation, coding, math calculations, etc.

Benefits of Using DeepSeek for Cybersecurity Companies

If you are a cybersecurity company and looking to use DeepSeek in your workflow, here’s how it can help:

Threat Intelligence
DeepSeek is capable of processing a vast number of datasets at a very high speed. Cybersecurity companies can use this capability of DeepSeek to boost their threat intelligence efforts. They can use it to update their threat database with the latest risks, vulnerabilities, attacks, and trends.

This helps them correlate and detect malicious patterns faster and with more precision than traditional techniques. This way, mitigating threats becomes easier for cybersecurity companies, so they can protect end users’ systems and data.

Risk Analysis
Risk analysis is an ongoing activity. Cybersecurity solutions providers do this to analyse threats in an organisation’s systems and network and prevent them before they can cause any harm.

DeepSeek models can assist cybersecurity providers in scanning a large number of app logs and activities. But doing this manually takes a lot of time and effort from security professionals. A powerful generative AI, such as DeepSeek, can scan your security logs to identify suspicious or abnormal patterns that may indicate a cyber threat. This will free up time, so you can dedicate it to more valuable activities.

Faster Incident Response
Every second is important when a cyberattack hits your organisation. A solid incident response plan with each step outlined clearly makes a whole lot of difference. It works as a guideline that you can follow to mitigate risks and secure your assets from attackers.

With AI-powered data analysis, you can create a stronger incident response plan based on your attack surface, risk appetite, and the type of attack you are more likely to face. In the event of a cyberattack, you can follow the guidelines to identify security breaches, get to their root causes, and mitigate threats. It will help you reduce the impact of an attack and prevent similar occurrences in the future.

Alerts and Notifications
False positives or negatives frustrate users. They consume your resources and time in investigating the case only to be futile in the end.
To solve this, cybersecurity solutions providers can utilise DeepSeek to decrease their security software’s false positives/negatives. The generative AI is trained on trillions of data, including programming languages such as Java, JavaScript, C#, C++, Python, PHP, and more.

Cost-Efficient Automation
DeepSeek is an open-source generative AI that’s available for free to use and modify. This means you can use it to automate your security tasks at a fraction of the cost compared to enterprise AI-based solutions. It’s best for smaller organisations with limited budgets.

Innovation
No one wants to be left behind in this AI race. With close-source AI models, such as ChatGPT, and many countries facing US sanctions on microchips, DeepSeek has given a new ray of hope and a pathway to self-reliance. Its open-source model allows anyone to view, use, and modify its source code and speed up AI innovation for free.

Individuals and companies can use it in a variety of ways, from coding to reasoning and creating programs to solve real-world problems.

Security and Data Privacy Risks with DeepSeek

Yes, DeepSeek is powerful. It’s high-performing, flexible, scalable, and it’s free to use! However, when you are in the cybersecurity industry, these benefits are not the only thing you must factor in. Look beyond it for something far more important - data security and privacy.
Let’s talk about some data security and privacy concerns with DeepSeek:

Exposed database: According to Wiz Research, one of DeepSeek’s public databases, ClickHouse was left unauthenticated and open to the public. It allowed users to fully control database operations, such as accessing internal data. The database contains 1M+ lines of sensitive data logs, including secret keys, chat history, backend details, etc. The company secured the database after Wiz informed them.

Prone to exploitation: Although open-source is useful for innovation, it’s also prone to exploitation by cyber attackers. The reason is anyone can modify and repackage the open-source tech. And cyberattackers do it to harm others and benefit themselves, mainly for financial purposes.
A series of cyberattacks: DeepSeek recently faced a series of cyber attacks on various services, which disrupted the company for days. This is why it plans to limit new user registrations temporarily. According to reports, cyber attackers targeted DeepSeek through Memcached reflection and Network Time Protocol (NTP) reflection attacks.

Security vulnerabilities: According to Cisco research, DeepSeek-R1 has several security vulnerabilities. The research team executed an automated attack on DeepSeek-R1 using the algorithmic jailbreaking method to test the AI’s cyber resilience. Result – 100% attack success rate. This means R1 could not block any harmful prompt at all.

Impersonation: Researchers found some malicious packages impersonating DeepSeek in the Python Package Index (PyPi). The malware is an information stealer that can trick developers from downloading them and compromising their systems.
Privacy: All the data that goes into DeepSeek is saved in its data centres in China. The company follows China’s information laws that allow the government to access and control data. This is concerning for users. In addition, it doesn’t comply with Western regulations, such as GDPR, CCPA, ISO, HIPAA, etc.

Due to these security and privacy concerns, many countries and agencies have banned DeepSeek. Some of them are Taiwan and Italy and government agencies, such as the US Navy and US Congress.

DeepSeek vs ChatGPT: What’s Better for Security Teams

DeepSeek and ChatGPT are both generative AI LLMs that work excellently. You’ll generate human-like responses and assist in coding, reasoning, and real-world problem-solving. But they still are different in a variety of ways. Let’s compare ChatGPT vs DeepSeek side by side:

Parameter	ChatGPT	DeepSeek
Company	OpenAI	DeepSeek AI
Established in	2015	2023
Founder	Sam Altman	Liang Wenfeng
Headquarter	San Francisco, California, US	Hangzhou, China
Type	Closed source	Open source
License	Proprietary license	MIT
Important models	GPT-40, o1	DeepSeek-R1, DeepSeek-V3
Parameters	Approximately 175 billion	671 billion
Architecture	Generative pre-trained transformer (GPT) model	Mixture of Experts (MoE), multi-head latent attention (MLA)
Training approach	Supervised fine-tuning (SFT) and reinforcement learning from human feedback (RLHF)	SFT and RL
Training data source	Software manuals, programming languages, internet content, etc.	Internet content, studies, coding languages, etc.
Development and training cost	Over US$600 million	US$6 million
Running cost	Over US $100 per million tokens	Less than US$4 per million tokens
Security	Data is hosted in secure cloud infrastructures by OpenAI	Data entering into it is stored on China-based servers that the government may have access to
Data privacy	Compliant with regulations, such as GDPR and CCPA	Not compliant with Western data privacy guidelines
Applications	Content creation, academic research, coding, economics, and education	Content creation, problem-solving, academics, education, etc.

Advantages and Disadvantages of Using DeepSeek

Advantages of DeepSeek

Cost-effective: DeepSeek is an affordable solution for businesses as compared to major rivals, such as ChatGPT.
High-performance: DeepSeek is capable of processing a massive amount of data at a faster speed, all thanks to its architecture - Mixture of Experts (MoE). This is another reason why it’s suitable in cybersecurity applications where the reaction time must be faster.
Multi-language support: While a majority of AI models support only English, DeepSeek supports English and Chinese. This is a chance for the non-English population to contribute to AI innovation.
Flexible and scalable: DeepSeek uses the MoE architecture. This gives you the option to activate only that part of the model necessary to complete a specific task. This way, you can scale your workload based on your needs and minimise computational costs.

Disadvantages of DeepSeek

Security: DeepSeek has already faced large-scale cyberattacks on various services. This is concerning because it handles a massive amount of data, and a data breach would mean losing all this data to the wrong hands.
Data privacy: DeepSeek’s data is stored in China-based data centres where there is a chance of government control. This is an absolute no-go for a cybersecurity company.
Compliance: DeepSeek is not bound by any Western data privacy authority, such as GDPR, ISO, CCPA, etc.
Censorship: DeepSeek follows China’s information laws, where responses could be manipulated, biased, or inaccurate, and some topics are censored.

Should Cybersecurity Companies Use DeepSeek?

DeepSeek is without a doubt a promising generative AI with powerful capabilities, performance, scalability, and flexibility. It’s available at a fraction of the cost than its rivals. Whether you want to use it for content creation and coding or solving math problems and reasoning, it works wonderfully.
For cybersecurity companies, it can assist in threat intelligence, incident response, improving alert fatigue, and automation of security tasks. But you can’t deny the security and privacy risks that come with it – recent cyberattacks, vulnerabilities, and privacy concerns. So, tread carefully!
We at Microminder CS offer advanced cybersecurity tools and solutions to protect your systems and data from adversaries. Whether you’re looking for vulnerability management, incident response, or compliance with GDPR, SAMA, HIPAA, PCI DSS, DORA, and more, we can help. 

Contact Microminder CS to get started.