Customer profile
A Series B B2B SaaS company (~120 employees, EU-headquartered) that ships weekly to its customer-facing web application and three internal APIs. They run on a modern cloud-native stack with mature CI but had not yet run a deep, scoped offensive engagement on the public surface.
Scope and rules of engagement
DeepMantis ran a 14-day engagement against the customer-facing web application and three internal APIs. Production was in scope; destructive actions, data exfiltration beyond proof, and lateral movement outside the named hosts were explicitly out of scope.
- Authenticated and unauthenticated paths
- Tenant isolation under multi-tenant assumptions
- Webhook surfaces and outbound integrations
Methodology
Recon mapped the public surface and identified high-value flows (authentication, billing export, webhook proxy). Discovery focused on tenant-isolation invariants and trust boundaries between user-controlled input and internal services. Exploitation produced reproducible chains with concrete proof artefacts; reporting framed each finding against the customer's threat model.
Highlighted findings
14 findings total; the two highest-impact ones are summarised below. The full report includes reproduction steps, business-impact analysis, and remediation guidance per finding.
Remediation and outcome
The customer remediated the critical SSRF the same day the proof-of-exploit landed and shipped fixes for both high-severity findings within 12 days. A retest verified every fix; the medium- and low-severity items were rolled into the next sprint.
Highlighted findings
Server-side request forgery in the webhook layer
A request-forwarding surface in the webhook flow could be coerced into reaching internal services. Reproducible end-to-end and remediated.
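The usual defender-side control for this class of webhook SSRF is to vet the customer-supplied destination before the proxy forwards anything: restrict scheme and port, resolve the host once, reject any non-public answer, and hand the vetted addresses to the forwarder so the connection uses what was checked. The block below is an added example written for this page, not DeepMantis's or the customer's code; the function names, the allowed scheme/port policy and the sample URLs are assumptions.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumed outbound-webhook policy (constructed for this example).
ALLOWED_SCHEMES = {"https"}
ALLOWED_PORTS = {443}


def _is_public(addr) -> bool:
    """True only for globally routable unicast addresses.

    IPv4-mapped IPv6 literals (::ffff:10.0.0.1) are unwrapped first so a
    private IPv4 target cannot hide inside an IPv6 address. Multicast is
    checked separately because is_global alone does not exclude it.
    """
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global and not addr.is_multicast


def vet_webhook_target(url: str) -> list:
    """Validate a webhook URL and return the IP literals the forwarder must use.

    Returning the resolved addresses (rather than the host name) lets the
    forwarder pin the connection, closing the resolve-then-rebind window.
    Raises ValueError on any policy violation; the caller fails closed and
    must not follow redirects, since a redirect is a second, unvetted target.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials in webhook URL are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    port = parts.port or 443  # parts.port raises ValueError on junk ports
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")
    try:
        infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    except socket.gaierror as exc:
        raise ValueError(f"cannot resolve {host!r}: {exc}") from exc
    addrs = {ipaddress.ip_address(i[4][0].split("%")[0]) for i in infos}
    # Reject if *any* answer is non-public: a mixed A/AAAA answer is a common
    # way to slip an internal target past a first-answer-only check.
    bad = [str(a) for a in addrs if not _is_public(a)]
    if bad:
        raise ValueError(f"{host!r} resolves to non-public address(es): {bad}")
    return sorted(str(a) for a in addrs)


def webhook_target_allowed(url: str) -> bool:
    """Boolean convenience wrapper around vet_webhook_target."""
    try:
        vet_webhook_target(url)
        return True
    except ValueError:
        return False
```

The forwarder must then open its socket to one of the returned addresses while still sending the original host name for TLS SNI and the Host header, rather than re-resolving the name at connect time.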
Cross-tenant access in an export flow
A tenant-isolation gap in an export endpoint let an authenticated tenant retrieve records belonging to another tenant. Remediated by tightening the authorization check.
“DeepMantis showed us a working exploit chain in 48 hours. We patched the critical the same day.”
Outcome
Critical and both high-severity findings remediated within 12 days; retest verified all fixes.