Cobalt Crowdsourced Application Pentest

Getting Started

Starting a pen test with us is as simple as pushing a button (the one below) and filling in some simple details; we’ll do the rest.

Schedule a Demo

Our Process

Cobalt Pen Tests are on-demand hacker-powered penetration tests performed by a certified researcher supported by handpicked Core researchers. You pay a fixed price based on application size and testing frequency. If you are looking for a focused application security assessment and penetration testing setup, where you get an actionable report for your team and customers, this is the solution for you.

Patch Vulnerabilities

When a program is launched, you will receive vulnerability reports on Cobalt Central, your own application security inbox. Assign reports to your team members via your preferred workflow, such as Jira or GitHub. Clear up questions quickly by asking researchers directly on Cobalt Central, and ensure that your security is hardened as efficiently as possible.

Our Workflow

Step through our workflow for a typical Cobalt customer


Job Scoping and Skill Matching

Talk to our experienced security team about your concerns. We’ll review your security needs and requirements to ensure the best security test possible. For each test we assign a team with skills matched to your application stack.


Manual Testing & OWASP Coverage

Our researchers dive into intensive testing of the URLs within your scope. They ensure coverage of the OWASP Top 10 and apply logical thinking to find the vulnerabilities scanners can’t find. Findings are reported in real time on the platform.

Final Report

Summary and Findings

At the end of the pen test all findings are assessed and validated on impact and likelihood by the lead researcher. On top of the individual findings (which are great for your developers), you also receive a beautiful summary report to share.


Fixing, Re-test and Verification

After the test you can collaborate directly with the security researchers via Cobalt Central on fixing the vulnerabilities. Using a built-in workflow, the researchers will also do re-testing to verify your patches at no extra charge.


Pen Test Rating & Researcher Rating

To maintain the highest quality possible and to continuously improve our service, all pen tests and researchers get a quality rating. You provide a rating of the pen test and the individual researchers get rated by their peers.


Repeat as Required

Due to our global talent pool and agile delivery method, we can deliver these penetration tests as frequently as you like. We will support you in building a pen test program that fits your needs and SDLC.