Menu Icon
< back to main
 • 2 min read

Researcher Vetting + Verification

Over the past few weeks, we’ve implemented a series of small tweaks to the signup process for Cobalt testers. These changes are made to...

Researcher Vetting + Verification
Julie Kuhrt
Julie Kuhrt

Want to see the platform in action?
get a demoArrow Right
Want to see the platform in action?
get a demoArrow Right

Researcher Vetting + Verification

Over the past few weeks, we’ve implemented a series of small tweaks to the signup process for Cobalt testers. These changes are made to help build a more trusting relationship between businesses and security researchers on our platform. Today, we want to help give you a little more insight into the vetting and verification process that all security researchers undergo before being able to participate in any of our security programs.

Vetted on skills and experience.

The Cobalt vetting process is designed to ensure that our testers are the best and brightest crowd around. When inducting a researcher into the Cobalt Core, we look at a their skills, experience, and achievements in past security programs. This addition to the registration process ensures that only the best security researchers are active in Cobalt programs.

Undergo identity verification before receiving reward payments.

By law, we are required to keep a valid form of identification for each security researcher that receives payment through our platform. We know what you’re thinking — No, we did not suddenly become the NSA. We do this to be compliant, and to ensure that testers are paid for their bug bounty rewards as quickly as possible. We are committed to securely storing our tester data.

Profile Tips for Security Researchers

Your Cobalt profile is an important tool in building trust with businesses hosting bug bounty programs. All testers are encouraged to complete their tester profiles, which are visible to businesses and could potentially be showcased in our Hall of Fame.

  • Include as much information as possible about your background and accomplishments in security and web application testing.

  • Complete your profile by adding social network profiles, a strong profile image, and links to your work. (This will help speed up the vetting process)

  • We understand if you aren’t comfortable uploading your face on the internet — but avoid using cartoons, and offensive or violent images for your avatar.

  • Users with incomplete profiles or inappropriate profile images may have to wait longer for the vetting process to be complete.

We’ve instituted these changes to give both our researchers and businesses a positive experience on our platform. Do you have any questions or comments about these changes? Check out our FAQ or get in touch with us at hello@cobalt.io.

Related Stories

Cybersecurity Statistics for 2021
Cybersecurity Statistics for 2021
What's new in ransomware, social engineering, and many other security threats
Read moreArrow Right
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
The State of Pentesting 2021: Common Vulnerabilities, Findings, and Why Teams Struggle With Remediation
Each year, we publish The State of Pentesting report to provide a detailed overview of vulnerabilities and identify the trends and hazards that impact the cybersecurity community.
Read moreArrow Right
How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
How to Build Resilience in Cybersecurity: 4 Lessons Learned From Military Experience
What better group to turn to for advice than security leaders who have worked on the front lines of risk and uncertainty?
Read moreArrow Right
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
New Ebook: Beginner’s Guide to Compliance-Driven Pentesting
Find out more about the role of pentesting in your company’s compliance effort.
Read moreArrow Right

Never miss a story

Stay updated about Cobalt news as it happens