The Cobalt Core: A pentester community built on diversity, collaboration, and learning

The Cobalt Core is our highly-experienced, geographically-diverse community of pentesters. The community consists of over 250 members worldwide and has helped Cobalt secure over 2000 applications since 2013.

A few months back, we surveyed our community and conducted several one-on-one interviews to get a better understanding of our pentesters’ motivations and what they love about the Cobalt Core. Here is what we learned and wanted to share:

1. The Core is a globally-distributed community with diverse, yet tenured, backgrounds and expertise

The Core is geographically distributed around the globe with pentesters located on every continent except Antarctica. The top countries represented include the United States, India, United Kingdom, Romania, and Germany.

Our pentesters are seasoned technical professionals. More than 60% of Core pentesters report having at least five years of pentesting experience, on top of that, 79% of our pentesters have at least five years of total professional experience.

Although certificates are not necessary for joining the Core, more than 60% of the community hold at least one security professional certification, with the Offensive Security Certified Professional (OSCP) cert as the most popular. Certificates alone are not imperative to a pentester’s success; however, they can be seen as an indicator for a desire for further learning and professional growth.

2. Learning and development is a main driver for being a part of the Core Community

Gaining professional experience was the most cited reason for freelancing with Cobalt. Over the past seven years, Cobalt’s pentesters have tested thousands of applications including web, mobile, APIs, network, and cloud. These engagements allow pentesters to test new technology stacks, sharpen their skills, and examine different applications. Survey responses highlighted that Cobalt engagements enhance their testing proficiency, introduce new technical challenges to improve their skill sets, and teach new ways of addressing business logic. In this iterative and collaborative process, pentesters are continually staying abreast of the rapidly changing attack surface, helping our customers proactively identify vulnerabilities in new technologies while improving application security across standard web applications, APIs, and mobile. (Explore how Pentest as a Service creates a collaborative experience for customers as well by allowing their engineering teams to connect directly with pentesters.)

Pentesters noted that Cobalt gives them the ability to develop their management experience. Each pentest engagement is assigned a lead pentester who is tasked with not only testing but also guiding the team during engagement. He or she assists as a liaison to the client.

What a few of our pentesters had to say about learning and development:

• “Pentesting is like a puzzle to me. I enjoy the entire process of trying various testing techniques.”
• “I enjoy figuring out how things work, how to break things, how to make them do things I want or need, and then putting it all together to help to remediate the issue to prevent it from happening again.”

3. Collaboration is a differentiating factor for the Core Community

Surveyed pentesters shared that Cobalt’s PtaaS approach inspires a collaborative and collegial nature that is unlike any other security platform out there. It provides a space for them to explore interesting applications and learn from their pentester peers and customer security teams alike. Pentesters are able to connect to the Core community via Slack and in-app communication. This collaborative nature has forged a community built around trust, professionalism, diverse expertise, and unique perspectives. Collaboration, combined with the thrill of the hunt, makes for a security professional’s ideal playground.

What some of our pentesters had to say about the collaboration:

• “I enjoy the camaraderie amongst the Core and the ability to chat with the customer in real time”
• “Collaboration is great! When we share information, resources, techniques, etc we are able to achieve more interesting and impactful results. Synergy works like 2+2=5”

The Cobalt Core, is just that: the core of Cobalt. Composed of security professionals who are passionate about what they do, they are the driving force behind the PtaaS platform. They bring their pentesting experience, professionalism, and collaborative spirit together to make the internet more secure — one application at a time.

The Core is committed to delivering quality pentest services to our diverse customers, while always striving to continuously learn, keep up to date on the latest vulnerabilities and exploits, and the tools and methodologies to find them.

What some of our pentesters had to say about Cobalt:

• “I’ve been a member of the Cobalt Core community for 5 years and I am beyond grateful for the opportunity that Cobalt has provided me. It’s given me the chance to work and grow as a pentester. And the additional income has also helped me and my family a lot. Cobalt means a lot to me!”
• “Overall, it has been great to be a part of the Cobalt team! For the first time in my professional career, I really feel that I am part of a great team that truly cares about me.”
• “I’m very happy with Cobalt and the Core community. It is more than just a job, I enjoy working here and being a part of a talented community. It’s amazing that I am able to do what I love for my job.”
• “I am really happy and grateful for being a part of Cobalt, I am totally valuing and enjoying my time with cobalt. My earnings from cobalt has really helped me to achieve my financial goals.”
• “I think Cobalt is an amazing place to work and I look forward to continuing to grow with the company. I’m always eager and happy to recommend Cobalt to my peers.

Interested in joining the Cobalt Core? Apply here. Want to take a closer look at who the Core is? Learn more about the Pentesters in the Cobalt Core.