Cobalt Crowdsourced Application Pentest

FAQ

Pen Test Setup


Q: What are Cobalt pen tests?

A: Cobalt Pen Tests are focused, fixed-price, manual application security tests performed by top crowdsourced security researchers who are trusted, verified, and vetted. If you are looking for a focused penetration test and vulnerability assessment with actionable reports for your team and customers, this is the best option for you.

Q: Who will perform the pen testing?

A: We have many top-tier certified security researchers available. Upon scoping your project, we'll find a lead pen tester who has strengths in your specific technology stack. She or he will be supported by an additional 1-3 technical domain experts who are skilled at finding vulnerabilities.

Q: Can I choose my own pen testers?

A: Usually we match the researchers with the right skills for your application, but if you already know the specific security researchers you want to use, we can facilitate the process of adding them to the Cobalt Core, and you can leverage all the benefits of the Cobalt platform, including interactive collaboration, issue-tracking, agile communication, and payments.

Q: What are the pen test deliverables?

A: Your application will be manually security tested according to OWASP best practices (e.g. OWASP ASVS) and will receive a review of its specific business logic. You will receive individual findings through the Cobalt platform, as well as a summary report with an executive summary of the pen test performed and specific recommendations for remediation and mitigation.

Q: How much does it cost?

A: The price depends on the size of the application and testing frequency. Due to our agile approach, you can expect a price significantly lower than what a traditional consultancy might charge. Schedule a Demo to hear more.