Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

<
Back to Main

What traits do successful pentesters have in common?

Esben Friis-Jensen
Jan 9, 2020

We surveyed the Cobalt Core — our community of pentesters — to hear what they value most when working with other pentesters. We also asked them to nominate some top performers exemplifying these characteristics.

Pentester Success Traits

2019 was an amazing year for Cobalt and our pentester community, the Cobalt Core. We are extremely proud of having such a great community of vetted and highly-skilled pentesters with a variety of diverse skill sets. Each tester has their own unique style and creative flare when it comes to pentesting but also understands the importance of coverage and hitting common test scenarios for each pentest engagement (such as OWASP Top 10 and ASVS).

Although each individual is unique, when we surveyed our pool of 270+ pentesters we found that there were a few commonalities in what made a pentester enjoyable to work with. Let’s explore these three recurring themes that our pentesters mentioned about the colleagues that they enjoyed working with.

1) Strong technical aptitude

Passion, skills, and technical know-how are key to being a successful pentester. Of course being able to find vulnerabilities is important, but it is equally as important to recognize a vulnerability’s impact on the application or network.

2) Effective communication and collaboration

Pentesters’ ability to communicate and collaborate is something that was mentioned over and over again. Communicating effectively, providing productive feedback, responsiveness, and willingness to help out and be supportive were mentioned in almost every response.

3) Work ethic and professionalism

Pentesters defined hardworking and professional as dedication to success with heightened management skills. Words that were used to describe this theme included excellent leader, good advisor, dedication to the engagement, and ability to produce detailed reports and team updates. Through this hard work, dedication, and professionalism, Core pentesters are able to push others to perform at their best.

Interestingly enough, these recurring themes also mirror the Cobalt Core’s values, including a collaborative and professional spirit, a desire for continuous and humble learning, and a commitment to quality at speed.

As part of the survey, the community nominated a few of their peers as those who best exemplify the values of the Cobalt Core. We asked the pentesters that were nominated to share their thoughts on working for Cobalt.

Stefan Nicula | Snicula

Stefan was selected by his peers as a hardworking, smart, and collaborative leader who’s ability to communicate both with customers and pentesters is exceptional. The Cobalt Core highlighted his vulnerability write-up style and dedication to supporting the team.

We asked Stefan a few questions about being on the Cobalt Core, and here is what he had to say:

What are three traits you look for in a good pentesting team?

Of course, when it comes to a good pentest team, the in-depth technical knowledge is a key aspect. As equally important, I strongly believe the success of a great pentest project with Cobalt lies in the collaboration between the pentesters. It’s about keeping close communication with each other and sharing ideas. Following this notion, the third trait would be the unique contribution of each pentester towards creating an awesome experience for everyone.

Dan Pobereznicenco | Dancezar

Dan was chosen by his peers for his collaboration and teamwork. He is regarded as a pentester who is always willing to exchange ideas and work together to take vulnerabilities to the next level. Through his collaborative nature he encourages others to do their best.

Check out what Dan had to say about being apart of the Cobalt Core:

What is your favorite part about pentesting for the Cobalt Core?

“I like that I can work for large brands from a variety of industries. I appreciate that I can work directly with a customer’s security and development teams and directly impact their security development process. This direct collaboration with clients helps me confirm vulnerabilities that might be unfixed or overlooked because the business risk is unclear. In this way, we can identify how vulnerabilities might impactful their specific business.”

Looking Forward

2019 was a great year for Cobalt delivering thousands of successful pentests, this is largely due to our awesome community of pentesters. So a huge thank you shoutout to the Cobalt Core for another great year and look forward to 2020 being just as great!

Interested in learning about our pentester community? View more Cobalt Core pentester profiles here.