At Cobalt, we are committed to providing our clients with well-established security solutions that are both robust and user-friendly. Our latest updates to our Dynamic Application Security Testing (DAST) product exemplify this commitment. We are excited to introduce two key features designed to enhance ease-of-use: the Sequence Recorder and Recurring Scan Scheduling. These capabilities will streamline your security processes and ensure continuous protection for your web-facing applications.
Sequence Recorder: Simplifying Authenticated Scans
Setting-up authenticated scans can be tricky and if authentication goes off the rails, then the scan results can be less valuable or even worthless. Our new Sequence Recorder addresses this challenge head-on. This browser plugin is designed to record your actions in the browser, making it easier to set up authenticated targets for DAST.
Key Features
-
Easy Installation: Available as a Chrome browser extension or Firefox add-on, the Sequence Recorder can be installed just like any other plugin.
-
Intuitive Usage: Simply click on the Cobalt extension icon, enter the URL of your target, and start recording. Perform the necessary actions to authenticate, and then stop the recording.
-
Seamless Integration: The recorded sequence can be copied or downloaded and then uploaded to your target settings in Cobalt. Once set up, scans against this target will use the recorded steps to authenticate automatically.
Benefits
-
Time-Saving: Reduces the complexity and time required to set up authenticated scans, allowing you to focus on other critical tasks.
-
Accuracy: Ensures that your scans are accurately reflecting the authenticated state of your applications, providing more comprehensive security coverage.
-
Ease of Use: Designed to be user-friendly, requiring no special technical skills to operate.
Recurring Scan Scheduling: Continuous Security Monitoring
With today’s fast-paced threat environments, maintaining a continuous pulse on the security posture of your web apps is essential. Our new Recurring Scan Scheduling feature enables you to schedule scans at regular intervals, ensuring ongoing security monitoring without manual intervention.
Key Features
-
Flexible Scheduling: Set scans to recur hourly, daily, weekly, or monthly, in addition to scheduling one-time scans for a specific date and time.
-
Continuous Monitoring: Automatically tests your web-facing applications for vulnerabilities between regular pentests, ensuring you always have up-to-date insights into your security posture.
-
Support for DevOps: If your production environment is rapidly changing due to regular, iterative releases, continuous DAST scanning in both your lower environments and production provides visibility into your current state without slowing down development. Further, maintaining a known-good state of your application before deploying new versions ensures you have traceability back to the commitments that introduced vulnerabilities and helps catch environment-specific configuration issues.
Benefits
-
Proactive Security: Keeps your security monitoring proactive rather than reactive, helping you identify and address issues before they become critical in between regular pentests.
-
Consistency: Ensures that security scans are performed consistently without requiring manual scheduling, reducing the risk of missed scans.
-
Improved Efficiency: Frees up your development and security team to focus on remediation and other strategic tasks, rather than managing scan cadences.
Conclusion
With the introduction of Sequence Recorder and Recurring Scan Scheduling, Cobalt’s DAST product is now more powerful and user-friendly than ever. These features are designed to save you time, improve accuracy, and ensure continuous protection of your web applications. By automating routine tasks and simplifying complex processes, we empower your security team to stay ahead of threats and maintain a robust security posture.
All Cobalt customers have access to 1 free target URL to get started, so login to Cobalt to check out these new features.
Stay tuned for more updates and enhancements as we continue to innovate and improve our offerings to meet your evolving security needs. Explore the benefits of pairing penetration testing and DAST.