Black Dragon Exposes Hidden Risks: Rezolve Gain the Clarity to Act First
Case study: Rezolve AI
Background
Rezolve Ai Ltd (Rezolve) is a global technology leader transforming the retail experience through cutting-edge mobile engagement and instant purchasing solutions.
With operations spanning multiple countries, Rezolve’s mission is to empower businesses to connect with customers seamlessly and securely via their innovative commerce platform.
Services:
Cybersecurity Consultancy
Black Dragon
Challenges
As a forward-thinking technology company, Rezolve take cyber security extremely seriously. With a complex digital footprint supporting clients and partners worldwide, their leadership team sought to validate how their external presence might appear to a determined attacker and to uncover risks beyond the reach of internal controls.
They wanted more than a tick-box scan. They wanted answers to pressing problems such as:
Are there forgotten or misconfigured assets still publicly exposed?
Are employee credentials already circulating on the dark web?
Are there weaknesses in legacy systems or third-party hosted services?
Project Approach
Rezolve engaged Samurai Digital Security Ltd (Samurai) to deliver an Attack Surface Risk Assessment using their newly developed Black Dragon tool. This safe and non intrusive service combines advanced dark web monitoring, shadow asset discovery, external vulnerability scanning and subdomain mapping to show organisations the risks attackers already see.
The process was fast and seamless:
- A mutual NDA was signed
- Samurai deployed their proprietary Black Dragon tooling, entirely externally
- Rezolve received a concise, prioritised report
- A senior consultant debriefed the findings and guided next steps
Findings
The results surprised and impressed the Rezolve team, Black Dragon revealed:
Staff Credentials
Staff credentials tied to Rezolve domains for sale on underground forums, some using reused passwords still active internally
Historic Dev Environments
Unmaintained test environments and forgotten subdomains were still publicly accessible
Legacy Software Versions
Outdated software versions exposing known vulnerabilities on legacy services.
Cloud Vulnerabilities
An unsecured cloud bucket containing sensitive internal documentation
Output & Benefits
Armed with this intelligence, Rezolve took immediate steps to strengthen their security:
- Removed and decommissioned forgotten shadow assets
- Enforced improved password hygiene and monitoring for credential leaks
- Patched and updated vulnerable services
- Locked down unsecured cloud resources
By engaging Samurai, Rezolve gained not only clarity and actionable insight, but also confidence in the value of having a trusted cyber security partner by their side. Discussions are now underway to expand the partnership further.
Testimonial
“We were astonished by what Samurai’s Black Dragon assessment revealed, even though we thought we had everything covered. The findings spoke for themselves, and the team’s expertise and clarity were outstanding. We’ve already acted on their recommendations and are now looking to bring them on as our long-term security partner. Highly recommended.”
Peter Wells – CISO, Rezolve
*Some information is redacted from this case study for client security, reference details are available on request.
Get in touch
Let's find a solution
If you want to chat, give us a call: 0121 740 1304
Or, email us: [email protected]