BugBunny is a pure-play AI agent company applying multi-agent coordination to the offensive security vertical. They utilize specialized agents that work in parallel to perform complex reasoning tasks—reconnaissance, scanning, and exploit development—that were previously the sole domain of human security researchers. This makes them a key example of how agentic systems can replace high-value, niche human expertise.
Within the broader ecosystem, BugBunny is particularly relevant for their work in securing the AI stack itself. By discovering vulnerabilities in foundational AI infrastructure like vLLM and Flowise, they are part of the critical layer of 'agents securing agents.' Their existence highlights a future where autonomous agents are both the primary attackers and defenders of digital infrastructure, requiring a new set of security standards for agent-to-agent interactions.
BugBunny is part of a shift in offensive security, moving away from static vulnerability scanning toward active, autonomous exploitation. Based in Zug, Switzerland, and operating as Sequester AG, the company builds a platform where AI agents act as a persistent red team. The system is designed to handle the entire lifecycle of a security audit without human intervention, from the initial mapping of an attack surface to the delivery of verified exploits.
The core of the platform is a multi-agent architecture. These coordinated agents are specialized by task: some focus on reconnaissance to discover subdomains and endpoints, while others engage in adaptive vulnerability testing. This testing covers a range of attack vectors, including SQL injection, remote code execution (RCE), and cross-site scripting (XSS). By using large language models to reason through these tasks, the platform can navigate complex, multi-step vulnerabilities that traditional scanners often miss.
The primary differentiator for BugBunny is its emphasis on verification. In traditional security tooling, false positives are a significant burden for engineering teams. BugBunny addresses this by requiring its agents to produce a working proof-of-concept (PoC) before a finding is flagged as critical or high severity. This approach is reflected in their "Zero Day / Zero Pay" pricing model, where users are only charged credits for verified findings on certain tiers. This aligns the company's incentives with the actual discovery of exploitable bugs rather than the mere volume of alerts.
This agentic capability has been demonstrated through the company's "Hall of Fame," which documents critical vulnerabilities discovered in major open-source projects and enterprise tools. Their research team has identified RCEs in Google’s Gemini CLI and the vLLM serving framework, as well as session storage vulnerabilities in React Router. These are not basic configuration errors but complex logic and deserialization flaws, suggesting that their agents can effectively analyze modern, high-performance codebases.
While manual penetration testing is usually a lumpy, expensive engagement that occurs once or twice a year, BugBunny attempts to make the process continuous. By offering a subscription model and integrating directly with GitHub, the platform moves security testing into the developer's daily workflow. The agents can review pull requests and suggest inline patches, turning a security audit into a gate for every code change.
For the enterprise, the platform offers a "Command" tier with on-premises deployment options and SIEM integrations, allowing it to fit into existing security operations centers. The shift from a $20,000 manual engagement to a $2,000 monthly automated service represents a significant change in how companies allocate security budgets. Running autonomous exploit agents against production systems carries inherent risk, but the company's emphasis on authorized targets and compliance-ready reporting suggests it is aiming at the regulated enterprise market.
Autonomous offensive security platform that conducts comprehensive penetration testing without human intervention.