Firulai or the democratization of vulnerability management
Vulnerability Management Has an Access Problem
Around 130 new vulnerabilities are published in the CVE registry every day. In 2025, that meant over 47,000. If you manage the security risks of a company or its infrastructure and want to be at least somewhat aware of emerging risks, having 130 new vulnerabilities a day represents a tremendous information overload. No human being can process all that information without losing practically the entire day (and some of their mental health) to it.
For years, the industry has tried to tackle this problem with scanning tools, threat intelligence feeds, and more recently, of course, with artificial intelligence. And make no mistake, the progress has been real: platforms like Tenable and Qualys integrate AI layers to prioritize alerts, correlate assets, and predict which vulnerabilities are most likely to be actively exploited.
But there's a problem these solutions don't solve for most organizations: their price and the complexity of adoption make them exclusive tools for large companies with dedicated security teams. For the rest—the vast majority of organizations that manage their own infrastructure with small (even single-parent) teams and tight budgets—vulnerability management remains an unsolved problem.
It's known to exist.
It's known to matter.
But there's no time, no tools, no budget to address it properly.
Democratizing Vulnerability Management
With these elements in mind, we decided to create our own solution, based on what we observed in the security audits we at Redsauce conducted in various companies. When it comes to vulnerability management, the vast majority of teams react to vulnerabilities that appear long before they actually occur. The goal: to have a product that doesn't require weeks of training and five-figure contracts, but rather a tool designed so that any team can manage the security of its infrastructure clearly, simply, and effectively. And that's how our application "Firulai" (Framework for Intelligent Risk Uncovering, Logging, and AI) was born.
At Redsauce, we've spent months building Firulai with a clear conviction: infrastructure security shouldn't be a privilege reserved for organizations with the most resources. It should be something that any team can manage clearly and easily.
The proposition:
Firulai cross-references the state of your systems with known vulnerabilities and shows only what directly affects you. How does it do this? By deploying an agent on your machine and correlating it (using internal algorithms and artificial intelligence) with the vulnerabilities. This comparison is performed constantly in order to implement solutions as soon as a correlation is found. All in the simplest way possible.
This translates into concrete capabilities from day one:
Contextualized CVE Browser: Explore filtered vulnerabilities based on your actual exposure, not the generic universe of published CVEs.
System View: Access any device in your infrastructure and see its characteristics and security status at a glance: package versions, open issues, firmware, base software, etc.
Integrated Issues: Firulai doesn't just detect vulnerabilities; it tracks the issues stemming from them in your environment so you know what's pending and the status of each problem.
The interface is designed to be intuitive to use, requiring no specific training.
The beta version is almost ready
We are about to open the doors to a first beta version and want to do so with a small group of users who want to test it in their real-world environment, give us feedback, and help us fine-tune the tool before the general release. Participation is completely free.
If you manage your own infrastructure, believe you can improve vulnerability management, what you've read about Firulai resonates with you, and you're interested in learning more or even trying out the beta version, we'd love to talk to you. Write to us at info@redsauce.net with the subject Beta Firulai or use the contact form and we will be happy to answer you personally.