Finding security threats in your network is like finding needles in a haystack.

Threats that lead to cyber-attacks are like needles. Firebug is like a magnet that pulls out the hard-to-find needle in your haystack. It pinpoints suspicious behaviour you want to know about.

 

Our Network Threat Hunting as a Service delivers clear, actionable reports with coordinates on threats, increasing your chance of stopping an attack on your network.

How Firebug works

Firebug is installed on your network

It's a lightweight virtual appliance that is installed at a strategic location with network traffic ingest. It constantly analyses network traffic.

Firebug reads header metadata

It then uses statistics to pinpoint anomalous behaviour in network traffic. It uses explainable AI to analyse anomalies to determine if they are events.

Delivers high priority, high fidelity events

It performs a daily check that escalates Priority 1 & 2 events straight to you. Firebug then provides a weekly threat report with insights & actionable coordinates.

You eliminate threats 

Your IT team uses the report to eliminate the threat. 


Network Threat Hunting as a Service will help find threats like:

RANSOMWARE

EXFILTRATION

DATA BREACH

MALWARE

“Firebug has been successful in detecting activity unlike that of other solutions on the market”

Ian Millar, CTO, Venues West

Things Firebug has found on clients' networks that other tools didn't...

LATERAL MOVEMENT

  • Backdoors to China 

  • Backdoors to Russia 

  • Backdoors to known Command & Control (C2) servers. 

  • Beacons from toolkits such as SharpHound, Covenant & Cobalt Strike.

ALIEN COMPUTERS

  • Open & forgotten LDAP communication 

  • Unauthorised machines

  • Forgotten legacy systems missing VLANs

BASELINE ANOMALIES

  • Entire company video conferencing equipment beaconing to China

  • Broadcasting network configuration in the clear over the internet

  • Misconfigurations of firewalls

  • Out-of-policy IoT behaviour

  • Each machine was enumerating the entire network

High priority, high fidelity events delivered to you.