3 PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.
3 PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Security Touchpoints in the Big Data Lifecycle

More and more teams want to access the sensitive data you're managing? Here's a guide on how to keep it secure while enabling the business to innovate.
Feb 28, 2023
Est Read Time: 9 min

Pentester’s Guide to XPATH Injection

XPath is a powerful language used to query and manipulate XML documents. It allows you to extract data, transform XML documents, query large datasets, and modify the structure and content of XML documents. XPath injection attacks occur when an attacker manipulates XPath statements to gain unauthorized access to sensitive data.
Feb 27, 2023
Est Read Time: 6 min

Back to Basics: How to Build Resilient Blue Teams

A comprehensive guide on how security teams can keep up with organizational change.
Feb 24, 2023
Est Read Time: 11 min

Pentester Spotlight: Goonjeta Malhotra

“Pentesting allowed me to challenge my skills and knowledge, to think of creative ways to exploit and identify vulnerabilities, and always to find ways to improve security posture." That's what Core Pentester Goonjeta Malhotra said about her journey into pentesting. Learn more about Goonjeta in here Pentester Spotlight.
Feb 23, 2023
Est Read Time: 2 min

Introduction to Chrome Browser Extension Security Testing

Browser extensions are software components that enhance the functionality of existing programs, specifically web browsers by modifying the user interface and interaction with websites, allowing users to customize their browsing experience. However, they also pose a security risk as they interact directly with untrusted web content and have vulnerabilities that malicious website operators and network attackers can exploit. This blog highlights the importance of Chrome browser extension security, permissions, testing for vulnerabilities, real-time attack scenarios, and mitigation methods.
Feb 20, 2023
Est Read Time: 13 min

Getting Started in Pentesting

Interested in pentesting but don't know where to start? Our Core Pentesters have you covered. Read to hear their tips and advice on how to get started.
Feb 16, 2023
Est Read Time: 4 min

Why is Cybersecurity Important in the Fintech Industry?

Learn about the importance of cybersecurity for fintech companies with insights from the cybersecurity experts at Cobalt.
Feb 14, 2023
Est Read Time: 7 min

Pentests in Risk Assessments: When, Why, How

Find your vulnerabilities, determine the risk, and outline remediation — pentests can do all of this in support of your risk assessments.
Feb 14, 2023
Est Read Time: 3 min

Introduction to LDAP Injection Attack

LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory services over a network. LDAP injection is a type of attack that targets vulnerabilities in implementations of the LDAP. Core Pentester Harsh Bothra shows us how an attacker does this injection and how to protect against it.
Feb 13, 2023
Est Read Time: 7 min

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.