We recently announced a lineup of product enhancements to our Pentest as a Service (PtaaS) platform that are designed to give agile development teams the ability to do fast and frequent pentests as well as enhance development and security operations. One of the new enhancements we unveiled was Cobalt Credits, the first delivery model that standardizes cost with a unit of work for flexible, cost-effective pentest consumption.
What is a Cobalt Credit?
At Cobalt, we’re innovating traditional pentest pricing models by allowing you to purchase Credits in advance. Credits are essentially virtual vouchers that you can consume whenever a pentesting need arises, meaning you can get a pentest up and running within 24 hours, compared to two weeks or more with traditional services. Instead of being tied to a traditional ‘all in scope’ assessment, you can tailor and distribute the amount of work based on the complexity of your application.
Here’s an overview of the value of a Cobalt Credit:
Why It’s A Game Changer: Ultimate Flexibility in Executing Pentests
The major benefit of the Cobalt Credit model is the flexibility it provides in planning and executing pentests. Without the limitations of a traditional ‘all in scope’ unit of delivery, our customer Eric Galis, Vice President of Compliance and Security at Cengage, now has the ability to bring a different amount of work based on the complexity, sensitivity, and criticality of the application to be tested, allowing him to stretch his application security budget even further.
With a sense of cost certainty and availability upfront, Galis’s team takes full advantage of Cobalt’s ability to start a pentest in 24 hours. This saves them time by eliminating scheduling/onboarding back and forth hassle with the vendor every time their application security priorities change and a test need appears — whether it’s a full-blown pentest or a test on a single release.
How It Works
Once purchased, all available Credits become visible on the Cobalt dashboard. Here, the credit balance is not only displayed in real-time but also includes a ledger showing a detailed summary of past tests. This allows you to track and manage your pentest schedule transparently and get additional insight into your security initiatives.
As we continue to define PtaaS, we are always looking for ways to ensure Cobalt is the most innovative solution for security-conscious software companies that want to take pentesting beyond checking the box and integrate it into their agile development lifecycle.