Menu Icon
< back to main
 • 2 min read

New Feature: Collaborative Testing

At Cobalt we are constantly evolving what crowdsourced security testing can be. We started with bug bounty programs, where researchers…

New Feature: Collaborative Testing
Esben Friis-Jensen
Esben Friis-Jensen

Esben Friis-Jensen is Co-founder and Chief Customer Officer at Cobalt. As CCO, Esben acts as the internal “voice of the customer” and drives a customer-centric perspective across all business-critical processes, including sales, product, finance, and support.

Want to see the platform in action?
get a demoArrow Right
Want to see the platform in action?
get a demoArrow Right

At Cobalt we are constantly evolving what crowdsourced security testing can be. We started with bug bounty programs, where researchers could individually contribute to earn bounties. This model works well to a certain extent, e.g. for vulnerability disclosure. However, if you are using the bug bounty model as a replacement for security testing a lot of time and effort goes to waste with duplicate submissions and double testing the same scenarios/features instead of ensuring broader coverage. This issue is one of the reasons we created our Crowdsourced Pen Tests.

Collaborative TestingNow you can get a team of the best (like the guys above) to check the security of your application

With our new model, a team of security researchers has the ability to collaborate on a test and see each others findings in real-time to avoid duplicates. This drives more communication among the team to cover different areas and verticals of the scope resulting in a higher quality pen test.

To highlight this change — We have merged our original user groups (Businesses and Researchers) to a single group called “Collaborators”, which marks the start of more features that will create a more collaborative crowdsourced security approach.

Why didn’t we build this earlier?

In public bug bounties, it is harder to put full trust in researchers and allow them to see each others findings before they are fixed. But with the crowdsourced pen test programs you get significant vetting of researchers (background check, quality check, ratings etc.) resulting in a high level of trust. This trust allows you to do things similar to those known from traditional consultancies. We are just getting started on this, so expect more to come in the future.

Feedback

If you have any ideas for cool collaboration features you would like to see, then e-mail our customer success manager Kevin (kevin@cobalt.io). We love feedback from customers, researchers and everybody else.

Cheers,

Esben, Cobalt

Product Updates

Related Stories

Cybersecurity Statistics for 2021
Cybersecurity Statistics for 2021
What's new in ransomware, social engineering, and many other security threats
Read moreArrow Right
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
Each year, we publish The State of Pentesting report to provide a detailed overview of vulnerabilities and identify the trends and hazards that impact the cybersecurity community.
Read moreArrow Right
How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
What better group to turn to for advice than security leaders who have worked on the front lines of risk and uncertainty?
Read moreArrow Right
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
Find out more about the role of pentesting in your company’s compliance effort.
Read moreArrow Right

Never miss a story

Stay updated about Cobalt news as it happens