Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Cobalt Year in Review

Cobalt Achieved Record Pentests in 2022, Expanded PtaaS Adoption

Notable industry recognition from analysts and high-value awards proves Cobalt is the leader in PtaaS, and sparks the hiring of Chief Sales Officer Jerri Allan

NEWS

Jan 26, 2023

Est Read Time: 5 min

Man-In-The-Middle Attacks: How to Detect and Prevent

This article covers the steps cybercriminals commonly take to execute different MITM attacks, and how security teams can detect and prevent them.

Cybersecurity Insights

Jan 24, 2023

Est Read Time: 5 min

OAuth Vulnerabilites Pt. 1

Welcome to part one of OAuth Vulnerabilities. Core Pentester Shubham Chaskar overviews Oauth, commonly used grant types, entities, misconfiguration, and more.

Pentester Guides

Jan 23, 2023

Est Read Time: 10 min

Then & Now: Harsh Bothra

Core Pentester Harsh Bothra joined Cobalt a little over two years ago. Since then, he has become a Pentest Lead and worked on endless engagements. He takes this time to reflect on how things have changed since his first test.

Pentester Stories Cobalt Core

Jan 19, 2023

Est Read Time: 3 min

Faster and More Affordable Cybersecurity Compliance With SmartComply

Today we give the stage to SmartComply, whose app helps rapidly expanding businesses reduce time and money spent on compliance.

Modernizing Pentesting

Jan 17, 2023

Est Read Time: 2 min

A Dive into Client-Side Desync Attacks

A client-side desync, a.k.a CSD, is an attack in which the victim's web browser is tricked into desynchronizing its connection to the vulnerable website. Core Pentester Harsh Bothra takes a look at how attackers can find these vulnerabilities in the wild.

Cobalt Core Pentester Guides

Jan 16, 2023

Est Read Time: 7 min

2023 Cobalt Partnerships: Expanding to MSP & MSSP Partners

When companies work together to provide better solutions for their clients, everyone wins.

Modernizing Pentesting Partners

Jan 12, 2023

Est Read Time: 2 min

Deep Dive into GraphQL Pt. 2

Welcome to part two of GraphQL! Core Pentester Michael Adcock tackles our newest deep dive into the open-source data query.

Pentester Guides API Pentesting

Jan 9, 2023

Est Read Time: 6 min

2023 Q1 Pentester of the Quarter: Sanyam Chawla

Congratulations to Sanyam Chawla for winning the Pentester of the Quarter Award for Q1. Sanyam was nominated by his peers due to being a great teammate and leader in the Core.

Pentester Stories Cobalt Core

Jan 6, 2023

Est Read Time: 3 min

20 21 22 23 24

More resources

Learn pentesting best practices, read answers to our most common questions

and get our technical docs.

customer stories

docs