AI Security - Enterprise GTM

From security roadblock to deals signed.

An AI-native LMS platform was losing enterprise deals at the security review stage. Here is what changed.

Client: AI-native LMS SaaS
Buyers: Large Indian enterprises
Engagement: Ongoing security partner
Stack: Azure - MCP - LLMs

28 - Findings surfaced across the MCP attack surface
100% - Of critical & high findings closed, verified by live retest
2 mo - From weak posture to enterprise-grade

A lost deal revealed a pattern.

The client had just lost a large enterprise opportunity - not because the product wasn't good enough, but because they couldn't clear the buyer's security review. More deals were moving through the pipeline carrying the same questionnaires: DPDP compliance, CERT-In logging, cloud posture, LLM supply-chain risk, and MCP security.

Their MCP server was a novel attack surface that generic VAPT vendors simply don't assess. And the team didn't have the bandwidth to produce evidence-backed answers within buyer timelines.

01 - MCP servers are new territory. Most vendors don't know what to assess, let alone how.

02 - Enterprise procurement teams reject vague assertions. They need traceable evidence tied to specific risks.

03 - Another lost deal would signal a systemic problem to the market. The window to act was short.

Red teaming. Posture uplift. Enterprise readiness.

We came in as a partner across two workstreams, running in parallel to fit within the client's deal timeline.

Pillar 1 - Core Offering
MCP Red Teaming

We ran our full MCP RedTeam Framework against the client's production authentication and MCP server, covering both unauthenticated and privileged scenarios. The focus was chained attacks: the kind where individually defensible components combine into critical enterprise risk. Every finding mapped to OWASP Top 10 and OWASP LLM Top 10, so results translated directly into a CISO-ready narrative - not a raw technical list.

Pillar 2
Posture Uplift and Enterprise Readiness

In parallel, we closed the gap between the client's existing controls and what large regulated buyers actually expect - cloud security posture, SIEM coverage, data lifecycle mapping, and a prioritised remediation roadmap the engineering team could execute without us. We also reviewed their questionnaire responses and rewrote weak sections into evidence-backed answers across DPDP, CERT-In, ISO 27001, and LLM-specific domains.

In two months, from weak to enterprise-grade.

We don't accept "fixed" on trust. Once the engineering team shipped remediations, we re-ran both assessments live against the running system - the same attacker model, the same two-tenant probes - and recorded exactly what closed.

Track 1 - MCP Red-Team
Error & secret channels
Before

28 findings - 3 critical, 8 high. Malformed input leaked the tenant ID, the database schema and storage tokens; OAuth client registration was wide open.

After

Every critical and high finding closed. 20 of 28 remediated, zero secrets across 283 live traces, registration locked down and rate-limited. No breach-grade item left open.

Track 2 - Cross-Tenant Isolation
The multi-tenant boundary
Before

Two critical isolation failures. One tenant could read another tenant's course and inject content across the boundary - the exact failure enterprise buyers test for.

After

Both critical findings fixed; 14 of 16 controls pass. Read and write isolation verified bidirectionally with live tokens, no regressions. The two residual items are data-minimization and defense-in-depth, not active data exposure.
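The two-tenant probe described above, as an added example and not the engagement's own tooling: a constructed in-memory course store stands in for the LMS API, with the tenant check either missing (the "before" state) or enforced, and the probe runs the full bidirectional read/write matrix plus a positive control so that "isolated" cannot be mistaken for "broken for everyone".

```python
"""Two-tenant isolation probe over a constructed course store (example only)."""
from dataclasses import dataclass


@dataclass
class Token:
    tenant: str  # tenant the bearer token belongs to (constructed sample)
    user: str


class CourseStore:
    """Minimal course API. enforce=False reproduces the missing tenant check
    from the 'before' state; enforce=True is the hardened version."""

    def __init__(self, enforce: bool):
        self.enforce = enforce
        self.courses = {}  # course_id -> {"tenant": ..., "body": ...}

    def _owned(self, token, course_id):
        return not self.enforce or self.courses[course_id]["tenant"] == token.tenant

    def create(self, token, course_id, body):
        self.courses[course_id] = {"tenant": token.tenant, "body": body}

    def read(self, token, course_id):
        if not self._owned(token, course_id):
            raise PermissionError("cross-tenant read")
        return self.courses[course_id]["body"]

    def write(self, token, course_id, body):
        if not self._owned(token, course_id):
            raise PermissionError("cross-tenant write")
        self.courses[course_id]["body"] = body


def probe_isolation(store, tok_a, tok_b, course_a, course_b):
    """Each tenant tries to read and write the other's course in both
    directions. A cell passes only when the store denies the access."""
    results = {}
    for name, tok, target in (("A->B", tok_a, course_b), ("B->A", tok_b, course_a)):
        for op in ("read", "write"):
            try:
                store.read(tok, target) if op == "read" else store.write(tok, target, "injected")
                results[f"{name} {op}"] = False  # access succeeded: isolation failure
            except PermissionError:
                results[f"{name} {op}"] = True
    # positive control: each tenant must still reach its own course (no regression)
    results["own access"] = (store.read(tok_a, course_a) is not None
                             and store.read(tok_b, course_b) is not None)
    return results


def run_probe(enforce: bool):
    store = CourseStore(enforce)
    a, b = Token("tenant-a", "alice"), Token("tenant-b", "bob")
    store.create(a, "course-a", "A's content")
    store.create(b, "course-b", "B's content")
    return probe_isolation(store, a, b, "course-a", "course-b")
```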

Verified, not asserted. Every "fixed" in this case study was re-tested against the live deployment and recorded with evidence - the same proof the client now puts in front of their buyers' security teams.

Deals unblocked. A security baseline they keep forever.

Within the engagement window, the client moved from "we lost a deal over security" to a position where active enterprise opportunities could progress through review. The work also produced a reusable asset that outlasts any single deal.

Active enterprise deals progressed through security review, with strengthened questionnaire responses delivered within buyer SLA.

11 - Critical remediations shipped before the next production rollout, closing the attack paths that would have failed any serious enterprise audit.

28 - Unique vulnerabilities catalogued and prioritised, giving the security team a clear, evidence-backed view of their surface for the first time.

A reusable enterprise security package - lifecycle diagrams, CSPM posture, CERT-In evidence, MLSecOps controls, and a red-team report - that makes every future RFP faster to answer.

We now represent the client inside enterprise security reviews, fielding buyers' security teams directly with first-hand evidence - so deals keep moving instead of stalling on a questionnaire.

From a point-in-time fix to continuous assurance.

Closing the findings was the start. The work now is keeping the platform enterprise-ready as it grows - aligned to the standards global buyers ask about, and defended at runtime rather than re-tested after the fact.

We are aligning their systems and evidence to the frameworks that come up in enterprise and cross-border security reviews:

ISO 27001 controls
OWASP Top 10 + LLM Top 10
GDPR Art 5, 25, 32
EU AI Act robustness & oversight
DPDPA India
CERT-In logging

The Next Step - Enterprise AI Security & Runtime Control

Red-teaming proves what is broken at a point in time. The durable answer is enforcement at runtime. We are now working with the client to deploy Trampolyne's Enterprise AI Security & Runtime Control platform - so tenant-isolation and access policies are evaluated inline, before any model or agent acts, rather than re-verified after each change. The same boundary the red-team hardened becomes a control that holds continuously.

What the client said.

"We lost a large enterprise deal because we couldn't clear their security review. That was a wake-up call. Within weeks, the picture changed completely. The team went beyond surface-level scans and uncovered vulnerabilities that had been sitting in our system for months. Everything was well documented, with clear severity and remediation steps."

CEO - AI-native LMS SaaS Platform

"First-principles thinking - not just throwing an LLM over the requirement. Every finding came with clear proof, severity mapping to OWASP and LLM-specific threat models, and actionable fixes prioritised by impact. I'd recommend Trampolyne AI to any company serious about enterprise AI security."

Head of Security - AI-native LMS SaaS Platform

AI-native products selling into regulated buyers.

If you're moving upmarket into banking, insurance, industrial, or healthcare accounts, you will face the same security review process. Generic pen-test vendors won't cover the parts that matter most for AI-native architectures.

MCP and agent-specific red teaming

We find attack chains that scanners and standard pen-tests miss - where Low and Medium components combine into critical enterprise risk.

Evidence buyers actually accept

Every finding maps to a concrete enterprise concern. The CISO narrative shifts from "trust us" to proof: here is the test, the finding, and the fix.

Fixes your engineers ship in a sprint

P0/P1/P2 sequencing with effort estimates - not a PDF thrown over the wall. Your team knows exactly what to close and in what order.

A reusable security foundation

Built once, answers every enterprise RFP that follows - lifecycle diagrams, CSPM posture, CERT-In evidence, all ready to deploy.

Ready to unblock your enterprise pipeline?

Talk to Trampolyne AI about a design-partner red-team engagement.

Get in touch