Skip to content

Quickstart

From signup to first report in 5 minutes.

What you'll need

  • Corporate email domain (e.g., yourcompany.com).
  • 5 minutes.
  • (For full coverage) API keys for individual detection services. Basic monitoring works without them.

Step 1. Sign up

  1. Go to bcp.bytecode.team.
  2. Click Sign Up.
  3. Enter email and password (minimum 12 characters).
  4. Verify email through the link in your inbox.

Step 2. Create an organization

On first login the platform asks for your organization name:

  • Enter the full legal name of the company — it's used to monitor mentions (on ransomware leak sites, news).
  • Add a primary domain — this automatically creates your first DataSource.

Step 3. Add DataSources

A DataSource is what to monitor. Go to Settings → Data Sources and add:

  • Domains — primary, subdomains, subsidiary company domains.
  • Email addresses — especially C-level, IT, security.
  • Keywords — product names, brands, project codenames.
  • Company names — full, abbreviations, trademarks.

Bare minimum to start

The main domain and 5-10 key employee emails are enough. You can add the rest later.

Step 4. Connect the first detection service

The fastest option — HIBP:

  1. Settings → Detection Sources → HIBP → Connect.
  2. If you have an API key — paste it; if not — get one at https://haveibeenpwned.com/API/Key.
  3. Click Run First Scan.

The first scan typically finds historical breaches (HIBP has history since 2013).

Step 5. Review findings

After 1-2 minutes findings show up in the dashboard:

  • Severity breakdown — Critical / High / Medium / Low.
  • By source — where each finding came from.
  • Recent findings — individual ones to review.

Click a finding to see details and the recommended action.

What's next