    Case Study
    AI Startup | OWASP Top 10 | Lyon

    Securing France's First Autonomous AI Agent Platform

    How RedSentinel helped a Lyon-based deeptech startup validate their security infrastructure before large-scale deployment.

    Audit duration: 7 days

    Tests performed: 150+

    DigitalKin

    Pioneer of Agentic AI in France

    DigitalKin is a Lyon-based startup founded in 2023 by Emmanuel Théry (ex-Michelin, ex-Dynergie), Sébastien Deschaux and Nicolas Lester Reynolds. The company develops France's first platform for recruiting, training and managing autonomous AI employees: the "Kins".

    Unlike traditional chatbots, Kins are cognitive agents capable of executing complex end-to-end tasks: scientific literature reviews, document analysis, structured report writing, business process automation.

    Key Figures

    • 400 000 € raised in September 2024
    • Headquarters: Lyon (69009)
    • Reference clients: Laboratoires Boiron
    • Awards: French Tech Seed, NVIDIA
    • Technology: KinOS / KinConnect

    "Our Kins don't replace human expertise, they multiply it."

    Emmanuel Théry, CEO & Co-founder

    The Context

    Why a security audit was essential

    Investor Trust

    Demonstrate a mature security posture

    B2B Requirements

    Companies like Boiron require security guarantees

    Sensitive Data

    Kins handle strategic documents (R&D, CIR)

    Innovative Architecture

    Multi-agent platform integrating multiple LLMs

    Commercial Expansion

    Slush Helsinki and European scaling

    Rare Expertise

    Web + AI/LLM dual competence needed

    Our Mission

    A two-part complementary audit

    Web Application Audit

    Based on OWASP Top 10, covering authentication, access controls, server configuration, injections and data exposure.

    AI/LLM Security Audit

    Based on OWASP LLM Top 10, analyzing AI agent-specific risks: prompt injection, data leakage via model, unexpected agent behaviors.

    Our Approach

    Structured methodology

    1. Preparation: Scope definition, access setup, application mapping

    2. Reconnaissance: Passive infrastructure analysis and entry point identification

    3. Active Tests: Controlled exploitation of potential vulnerabilities

    4. Validation: Finding confirmation and real impact assessment

    5. Delivery: Detailed report and presentation session

    Results

    What the audit revealed

    Vulnerabilities by Severity

    • Critical: 0
    • High: 0
    • Moderate: 2
    • Low / Info: 5

    Security Score

    75/100
    Good security posture

    Conclusion

    No critical vulnerability allowing immediate system compromise was found. The platform rests on a solid technical foundation. The recommendations mainly focus on strengthening existing configurations, which reflects an already well-established security maturity for a scaling startup.

    All vulnerabilities have been remediated by the DigitalKin team

    Deliverables

    A modern audit experience

    Real-time Platform

    Audit progress visible to the client, findings documented on the fly

    Executive Report

    Summary for management and investors

    Technical Report

    Each finding with proof, CVSS scoring and remediation

    Priority Matrix

    Ranking by criticality and remediation effort

    Presentation Session

    Live presentation to technical team

    Electronic Signature

    Signed report via our platform for evidential value

    Client Testimonial

    Google Reviews
    "We called on RedSentinel and Alexandre Tavares for a security audit of our platform hub.digitalkin.ai. The collaboration was smooth and very professional: the audit methodology is clear and reassuring, and we were able to follow progress step by step directly from their platform. Alexandre was available, educational and proactive on corrective measures to implement. We leave with a very structured report and a concrete roadmap to strengthen our security. I highly recommend RedSentinel to any tech team that wants to take their product security seriously."

    Thibaud PERRIN

    DigitalKin

    Why DigitalKin Chose RedSentinel

    1. Web + AI/LLM Dual Expertise

    A rare expertise combining OWASP Top 10 (web) and OWASP LLM Top 10 (AI) methodologies.

    2. Offensive Approach

    We think like an attacker to protect like a defender.

    3. Total Transparency

    Real-time audit tracking, no black box.

    4. Actionable Deliverables

    Contextualized recommendations, not generic 200-page reports.

    Ready to Secure Your Application?

    Developing a SaaS application, an AI platform, or a digital product? Identify your vulnerabilities before an attacker does.