Q: Who are the security researchers?
A: The Cobalt Core is a community of highly skilled security researchers who are passionate about what they do and who are always striving to be at the top of their game. This curated community is made up by security professionals with many years of experience and specialized skills. They all have a strong drive to keep to up to date on the latest vulnerabilities and exploits, and the tools and methodologies to find them.
Q: Can anyone become a security researcher on Cobalt?
A: In order to join the Cobalt Core, a researcher must undergo a strict vetting process. This process includes third-party government ID verification, social media account review, and a thorough interview over video conference call.
Q: How are Cobalt security researchers rated?
A: Security researchers receive feedback about their performance from businesses and their peers when they participate in a security program. This feedback contributes to a security researcher's quality score and vulnerability report ratings, which help rate a security researcher's overall performance on the Cobalt platform. The best rated security researchers on the platform can be found here in the Cobalt Hall of Fame.
Q: What is a Quality Score?
A: The Quality Score shows a security researcher’s overall achievement on the Cobalt platform. Scores are based on a scale of 1 to 5, with 5 being reserved for the best security researchers with the highest, most in-demand skills.
Q: How are vulnerability report scores calculated?
A: After a lead researcher has reviewed a vulnerability report, the report is assigned a score, and that score is included in the average of a security researcher's vulnerability report scores. Scores are based on a scale that can be found here.