WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting
WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Pentester Spotlight: Goonjeta Malhotra

“Pentesting allowed me to challenge my skills and knowledge, to think of creative ways to exploit and identify vulnerabilities, and always to find ways to improve security posture." That's what Core Pentester Goonjeta Malhotra said about her journey into pentesting. Learn more about Goonjeta in here Pentester Spotlight.
Pentester Stories Cobalt Core
Feb 23, 2023
Est Read Time: 2 min
Read more
Introduction to Chrome Browser Extension Security Testing cover image

Introduction to Chrome Browser Extension Security Testing

Browser extensions are software components that enhance the functionality of existing programs, specifically web browsers by modifying the user interface and interaction with websites, allowing users to customize their browsing experience. However, they also pose a security risk as they interact directly with untrusted web content and have vulnerabilities that malicious website operators and network attackers can exploit. This blog highlights the importance of Chrome browser extension security, permissions, testing for vulnerabilities, real-time attack scenarios, and mitigation methods.
Cobalt Core Pentester Guides
Feb 20, 2023
Est Read Time: 13 min
Read more

Getting Started in Pentesting

Interested in pentesting but don't know where to start? Our Core Pentesters have you covered. Read to hear their tips and advice on how to get started.
Cobalt Core
Feb 16, 2023
Est Read Time: 4 min
Read more

Why is Cybersecurity Important in the Fintech Industry?

Learn about the importance of cybersecurity for fintech companies with insights from the cybersecurity experts at Cobalt.
Modernizing Pentesting
Feb 14, 2023
Est Read Time: 7 min
Read more

Pentests in Risk Assessments: When, Why, How

Find your vulnerabilities, determine the risk, and outline remediation — pentests can do all of this in support of your risk assessments.
Cybersecurity Insights
Feb 14, 2023
Est Read Time: 3 min
Read more

Introduction to LDAP Injection Attack

LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory services over a network. LDAP injection is a type of attack that targets vulnerabilities in implementations of the LDAP. Core Pentester Harsh Bothra shows us how an attacker does this injection and how to protect against it.
Cobalt Core Pentester Guides
Feb 13, 2023
Est Read Time: 7 min
Read more

Risks of Open-Source Software

This article provides an overview of what open-source software is and its history. Core Pentester Ninad Mathpati explains that open-source software is any program whose source code is made available for use or modification and is developed as a public, open collaboration.
Pentester Guides
Feb 8, 2023
Est Read Time: 8 min
Read more

API Security Best Practices

As the devices providing Internet access increase daily, the traditional Monolith architecture has been replaced by the Microservice architecture due to the advantages such as scalability, faster deployment, ease of management, and many more. Core Pentester Orhan Yildirim shares his best practices for API Security.
Pentester Guides API Pentesting
Feb 3, 2023
Est Read Time: 4 min
Read more

Cybersecurity Certifications, how much do they really matter?

Cybersecurity certifications can benefit individuals with 1-4 years of experience when looking for new job opportunities. Certifications alone don't necessarily make someone a good pentester and should be considered in conjunction with professional experience.
Pentester Stories Cobalt Core
Feb 1, 2023
Est Read Time: 5 min
Read more
    21 22 23 24 25

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.