Cobalt bug bounty program

Application security tailored for you

Cobalt hardens your application security by tailoring a security program to your needs. Here’s how it works.

Set the Scope

Talk to our experienced security team about your concerns. We'll review your security needs, discuss budget and requirements, walk you through a demo, and tailor a security testing program specifically for you and your software development lifecycle.

Start a Program

Typically we would begin with a Private Pen Test: a small team of hand-picked security researchers (one of whom will be CISSP-certified or equivalent) doing timeboxed, focused penetration testing and vulnerability assessments.

Following this, we usually recommend a Private Curated Bug Bounty open to our vetted Core Security researchers to apply a wider and shallower filter.

Patch Vulnerabilities

When a program is launched, you will receive vulnerability reports on Cobalt Central, your own application security inbox. Assign reports to your team members via your preferred workflow, such as Jira or GitHub. Clear up questions quickly by asking researchers directly on Cobalt Central, and ensure that your security is hardened as efficiently as possible.