GIVEAWAY
Win the ultimate AI security check with a free pentest giveaway!
GIVEAWAY
Win the ultimate AI security check with a free pentest giveaway!

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Cobalt Release Blog: February 2023

Read about the improvements we launched to our PtaaS Platform last month: new integrations, asset vulnerability updates, and more.
Mar 10, 2023
Est Read Time: 1 min

The Life of a Bug

With this post I'll present a way to better understand bugs, from their origin until their death. I’ll do this by introducing the idea of a security bug pipeline and Fix-to-Fix framework.
Mar 3, 2023
Est Read Time: 5 min

Decoding the Differences: Black, Gray, and White-Box Pentests

Different types of pentesting methods have designated colors with the key differences.
Mar 1, 2023
Est Read Time: 5 min

Security Touchpoints in the Big Data Lifecycle

More and more teams want to access the sensitive data you're managing? Here's a guide on how to keep it secure while enabling the business to innovate.
Feb 28, 2023
Est Read Time: 9 min

Pentester’s Guide to XPATH Injection

XPath is a powerful language used to query and manipulate XML documents. It allows you to extract data, transform XML documents, query large datasets, and modify the structure and content of XML documents. XPath injection attacks occur when an attacker manipulates XPath statements to gain unauthorized access to sensitive data.
Feb 27, 2023
Est Read Time: 6 min

Back to Basics: How to Build Resilient Blue Teams

A comprehensive guide on how security teams can keep up with organizational change.
Feb 24, 2023
Est Read Time: 11 min

Pentester Spotlight: Goonjeta Malhotra

“Pentesting allowed me to challenge my skills and knowledge, to think of creative ways to exploit and identify vulnerabilities, and always to find ways to improve security posture." That's what Core Pentester Goonjeta Malhotra said about her journey into pentesting. Learn more about Goonjeta in here Pentester Spotlight.
Feb 23, 2023
Est Read Time: 2 min

Introduction to Chrome Browser Extension Security Testing

Browser extensions are software components that enhance the functionality of existing programs, specifically web browsers by modifying the user interface and interaction with websites, allowing users to customize their browsing experience. However, they also pose a security risk as they interact directly with untrusted web content and have vulnerabilities that malicious website operators and network attackers can exploit. This blog highlights the importance of Chrome browser extension security, permissions, testing for vulnerabilities, real-time attack scenarios, and mitigation methods.
Feb 20, 2023
Est Read Time: 13 min

Getting Started in Pentesting

Interested in pentesting but don't know where to start? Our Core Pentesters have you covered. Read to hear their tips and advice on how to get started.
Feb 16, 2023
Est Read Time: 4 min

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.