
Getting Started
Getting Started
Starting a pentest with us is as simple as pushing a button (the one below), filling in some simple details and we’ll do the rest.
Starting a pentest with us is as simple as pushing a button (the one below), filling in some simple details and we’ll do the rest.
Schedule a Demo
Our Process
Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified pentester supported by handpicked Core pentesters. You pay a fixed price based on application size and testing frequency. If you are looking for a focused application security assessment and penetration testing setup, where you get an actionable report for your team and customers, this is the solution for you.

Patch Vulnerabilities
When a program is launched you will receive vulnerability reports on Cobalt Central, your own application security inbox. Assign reports to your team members via your preferred workflow, such as Jira or Github. Clear up questions quickly by asking pentesters directly on Cobalt Central, and ensure that your security is hardened as efficiently as possible.
Our Workflow
Our Workflow
Step through our workflow for a typical Cobalt customer
Step through our workflow for
a typical Cobalt customer
Job Scoping and Skill Matching
Scoping
Job Scoping and Skill Matching
Talk to our experienced security team about your concerns. We’ll review your security needs, and requirements to ensure the best security test possible. For each test we assign a team with skills matched to your application stack.
Testing
Manual Testing and OWASP Coverage
Manual Testing &OWASP Coverage
Our pentesters dive into intensive testing of the URLs within your scope. They ensure coverage of OWASP top 10 and apply logical thinking to find the vulnerabilities scanners can’t find. Findings are reported real time on the platform.
Final Report
Summary and Findings
At the end of the pentest all findings are assessed and validated on impact and likelihood by the lead pentester. On top of the individual findings (which are great for your developers), you also receive a beautiful summary report to share.
Remediate
Fixing, Re-test and Verification
After the test you can collaborate directly with the security pentesters via Cobalt Central on fixing the vulnerabilities. Using a built-in workflow the pentesters will also do re-testing to verify your patches at no extra charge.
Rate
Pentest Rating and Pentester Rating
Pentest Rating &Pentester Rating
To maintain the highest quality possible and to continuously improve our service, all pentests and pentesters gets a quality rating. You provide a rating of the pentest and the individual pentesters get rated by their peers.
Repeat
Repeat as Required
Due to our global talent pool and agile delivery method, we can deliver these penetration tests as frequent as you like. We will support you in building a pentest program that fits your needs and SDLC.
A Beautiful Summary to share
A Beautiful Summary to share
Get a cleanly designed, clearly written summary document to share with your
stakeholders. And yes - the report is compliant with PCI, HIPAAand your awesome vendor assessment with F500.

Ready to get started?
Join some of these great clients we’re proud to have helped