Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

FAQ

Why Cobalt


Q: Why should I use Cobalt?

A: At Cobalt, we believe that modern applications deserve something better than generic vulnerability scanners and overpriced penetration testing consultants. We have built a best in class SaaS platform which provides on-demand pen testing by connecting you to top application security researchers around the world.

Q: How is Cobalt different from traditional penetration test models?

A: There are two main characteristics that set us apart from traditional penetration testing models: 1. We source our researchers from a large global talent pool of vetted freelancers, which means we can be agile without compromising quality or increasing price, and 2. We deliver all the reporting and communication through a modern online platform, making it easier for you to collaborate continuously with the researchers and integrate seamlessly with your SDLC.

Q: What types of applications can be tested?

A: Our vetted and trusted group of security researchers, called Cobalt Core, is highly experienced in doing assessments and penetration testing of web applications, mobile applications, web APIs, external networks, and Amazon Web Services. If your application does not fall into these categories, we're still happy to have a chat and see if we can help.

Q: Can you help with PCI, HIPAA, SOC-2 compliance?

A: We can fulfill the penetration test requirements for most compliance needs, including vendor assessments, PCI, HIPAA, SOC-2, etc. Schedule a demo to get more insight on the certifications we can help you with.