Flux is a fast-growing internal mobility platform that needed a pentesting partner to start right away. When Flux signs new customers, they often have security and pentesting requirements that demand clear, detailed reporting. Cobalt's expert pentesters started pentesting quickly - within two days - offering a complete scope of testing across standard processes, critical web application security risks, and testing in isolation.
With retesting automatically included as part of Cobalt’s services, and remediation reflected in the final report, Flux was able to sign new customers and confidently meet their stringent security requirements.
“As a fast-growing startup, speed is a major factor in a pentesting partner. Cobalt started our pentest within two days of negotiating the contract. Testing, retesting and analysis lasted two weeks and we had a detailed report within three days of the testing window. Beyond the speed we achieved, another success is the ability to make our system more robust through development practices.”
Speed is key for Flux—prospective customers often require pentesting reports before signing on.
Flux needed detailed testing for web application security.
Flux needed a partner that could produce customized reporting for their different stakeholders.
Cobalt completed the test, produced a report and completed retests within two weeks.
Cobalt tested more than expected and provided a thorough analysis.
Cobalt helped Flux improve input validation, code development and logic.
Flux offers an internal mobility platform that helps companies develop, engage and retain their workforce. Flux connects employees with roles and projects within their company to gain new skills, explore new roles or take the next step in their careers. As a result, retention improves and hiring managers can fill roles with greater efficiency.
As a multi-tenant system, Flux needed pentesting to help prevent client data leaks. Cobalt delivered thorough, professional testing of the Flux application, website, logic and workflow. Cobalt also tested tenant isolation, which is important to Flux and its customers.
Cobalt tests from a real attacker's perspective, which helped Flux improve validation and development. With customer data in its application, pentesting and security checks are vital to client engagements.
Cobalt’s PtaaS platform provides real-time visibility, which gave Flux the opportunity to remediate right away, before a final report was delivered. Cobalt’s customizable reporting offered Flux’s internal employees a complete level of detail, including discussions with the pentester about specific findings. Flux’s customers were able to see reports showing how many issues there were, a brief summary of each and an explanation of the resolution.
With retesting and remediation reflected in the final Cobalt report, Flux was able to sign new customers and confidently meet their stringent security requirements.
“Our Cobalt pentesters were a great resource, reporting issues in a clear, professional manner and were responsive to our questions. Overall, we were pleased with their discoveries and responsiveness, which we ultimately used to improve our application code.”
Cobalt’s pentest findings and analysis prompted us to have a general engineering discussion about how to strengthen our code and development. It specifically helps our team improve input validation and logic to defend against threats. As our offering and our business grow, we know what to pay attention to and how to emphasize secure development processes.