Customer Case Studies

Measurable outcomes from real CurlSek engagements: launch-critical fintech validation, first-pass compliance readiness, MSSP delivery at scale, emerging CVE response with Probe, continuous VAPT through a cloud portal, and vendor-risk assessments for fintech aggregators.

Fintech · United States

Securing an AI-Powered Fintech Ecosystem 14 Days Before Launch

A US fintech giant preparing a major AI-powered product launch needed exploit-validated assurance across a complex ecosystem. With only two weeks left on the clock, leadership could not afford a traditional multi-week VAPT cycle or noisy scanner queues.

Industry: AI-powered fintech Region: United States Modules: Vulnauts Window: 14 days pre-launch

Challenge

Release readiness had to be proven against real attack paths, not theoretical findings. The development team needed early, confirmed criticals so remediation and revalidation could complete before go-live.

Approach

  • Deployed Vulnauts to continuously assess vulnerabilities and launch readiness across the AI-powered ecosystem
  • Prioritized critical attack-path discovery with exploit validation for engineering action
  • Ran rapid revalidation loops as fixes landed so the launch board had current evidence

Result

First blood arrived in minutes. Full exploit-validated coverage completed in 2 days, giving developers roughly 12 days of the 14-day window to remediate and retest before launch.

Minutes Time to first validated critical finding (first blood)
2 days Complete validation cycle before engineering entered remediation
~12 days Of the 14-day pre-launch window remaining for fix and revalidation
Compliance · India

ISO and SOC 2 Readiness for a Rapidly Growing Startup in Under 2 Days

A high-growth India startup needed a clear picture of ISO and SOC 2 control gaps before auditors arrived. Manual gap assessments would have stretched for weeks and risked a failed first-pass review.

Industry: High-growth startup Region: India Modules: Threat intelligence agents · Shieldon Frameworks: ISO · SOC 2

Challenge

Leadership needed actionable gap analysis plus remediation steps fast enough to still clear both certifications on the first audit pass.

Approach

  • Deployed CurlSek threat intelligence agents with Shieldon to map control gaps against ISO and SOC 2 expectations
  • Produced prioritized remediation steps tied to evidence auditors expect
  • Supported closure validation so the program could claim first-pass readiness with confidence

Result

Gaps and remediation guidance were delivered in less than 2 days. The company cleared both ISO and SOC 2 on the first pass in record time for its stage of growth.

<2 days From kickoff to ISO and SOC 2 gap report with remediation steps
First pass Both ISO and SOC 2 cleared without a failed initial audit cycle
Record time Certification timeline vs. peer startups relying on manual assessments
MSSP · United States

US Services Firm Powering Customer VAPT with Vulnauts on Repeat

A US services company needed a repeatable way to deliver high-quality VAPT for its clients without rebuilding tooling and analyst capacity for every engagement.

Industry: Security services / MSSP Region: United States Modules: Vulnauts Model: Recurring customer VAPT delivery

Challenge

Manual pentest cycles limited how many customers the firm could serve each quarter. Clients expected exploit-verified findings and faster turnaround than boutique analyst-only engagements could sustain.

Approach

  • Embedded Vulnauts as the offensive engine behind recurring customer VAPT engagements
  • Standardized discovery, exploit validation, and reporting so each client delivery followed the same quality bar
  • Retained human review for prioritization while agents handled scale and retesting

Result

The firm now repeatedly uses Vulnauts to deliver customer VAPT programs with consistent depth, faster start-to-report cycles, and capacity to serve more concurrent client scopes.

Repeat use Vulnauts adopted as the default engine across successive customer VAPT campaigns
Faster cycles Reduced setup and discovery time per client engagement vs. fully manual VAPT
Scalable delivery More concurrent customer scopes without linearly adding analyst headcount
Probe · Continuous Monitoring · Supply Chain

React2Shell at Scale: Probe Delivered Rapid, Validated Response Across Assets

When React2Shell began circulating, AppSec teams needed to know which assets were exposed, whether exploitability was real, and how to avoid noisy incident fire drills. CurlSek Probe activated within minutes of disclosure across protected customer estates.

Threat: React2Shell command injection Modules: Probe · continuous monitoring · supply chain profiling Read more: Medium write-up

Challenge

Traditional scanners would flag version matches with 40 to 60% false-positive rates. Teams needed asset-intelligent correlation, sandbox exploit validation, and developer-ready evidence for supply-chain and SSR exposure.

Approach

  • Continuous CVE ingestion from NVD, vendor advisories, and package ecosystems (npm/yarn)
  • Asset mapping via curated profiles: stacks, dependency trees, SSR/SSG, exposed routes, and supply-chain metadata
  • CVE-to-asset correlation at scale, then sandboxed exploit validation before alerting engineering

Result

Probe identified potentially exposed assets within moments (example alert across 4 assets), validated exploitability in isolated sandboxes, and cut conventional scanner false positives from roughly 40 to 60% to near zero, with patch guidance such as upgrading affected React server tooling.

Minutes From disclosure awareness to Probe rapid-response workflow across customer assets
~0 FP False positives near zero after sandboxed exploit validation (vs. 40 to 60% in scanners)
10k+ Asset scale the distributed agent architecture is built to correlate without linear overhead
Continuous VAPT · Cloud Portal

Continuous VAPT Without the Meeting Sprawl

Engineering and management teams were burning hours on kickoff calls, scope clarifications, status meetings, and remediation check-ins for every traditional VAPT cycle. Continuous CurlSek VAPT shifted that work into a shared cloud portal.

Modules: Continuous VAPT · cloud delivery portal Teams: Engineering · security · leadership Before: Meeting-heavy point-in-time engagements

Challenge

Scheduling, scope churn, and status chase-downs delayed testing start dates and diluted remediation focus. Leadership wanted assurance signals without another weekly status call.

Approach

  • Ran continuous VAPT with findings, evidence, and retest status available in a cloud portal
  • Replaced recurring sync meetings with on-demand visibility for engineering and management
  • Kept human escalation for criticals while day-to-day coordination moved async into the portal

Result

Teams stopped running around for setups and status meetings. Continuous validation and remediation tracking live in the portal, saving calendar time and coordination overhead for both engineering and management.

0 kickoff theater Routine engagement setup and status moved from meetings into the cloud portal
Always on VAPT progress, findings, and retests visible without waiting for the next sync call
Time saved Engineering and management hours redirected from status meetings to remediation
Fintech Aggregator · Vendor Risk

Threat Assessments as Vendor Risk and Supply Chain Validation

A fintech aggregator needed a repeatable way to evaluate third-party and partner exposure without waiting on each vendor's annual PDF. CurlSek security posture and threat assessment reports became part of their vendor risk workflow.

Industry: Fintech aggregation Use case: Vendor risk assessment Modules: Threat / security posture reports · supply chain exposure views

Challenge

Aggregator risk teams must assess many vendors and partners. Point-in-time questionnaires and stale pen-test PDFs left blind spots in open, deep, and dark-web exposure as well as supply-chain dependencies.

Approach

  • Embedded CurlSek threat assessment / security posture reports into the vendor onboarding and periodic review process
  • Used non-intrusive OSINT and exposure intelligence (commercial-comparable depth typically valued at $1,500+) to score external risk
  • Extended the same lens to supply-chain and shared-dependency exposure across the partner network

Result

Vendor risk reviews now include current external intelligence rather than trust-me attestations alone. The same reports help validate supply-chain exposure and residual risk before deeper continuous testing is commissioned.

$1,500+ Typical market value of comparable commercial external assessments used in their vendor workflow
100+ Open, deep, and dark-web signals correlated into each threat assessment brief
Dual use Same report powers vendor risk scoring and supply-chain / exposure validation

Want outcomes like these for your environment?

Start with a threat assessment typically valued at $1,500+, or speak with our team about continuous Vulnauts delivery, Probe rapid response, or compliance readiness with Shieldon.

Customer names withheld under mutual NDA. Metrics reflect engagement outcomes described above and published React2Shell Probe response patterns. Individual results vary by scope, estate complexity, and remediation velocity.