Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified researcher supported by handpicked Core researchers. You pay a fixed price based on application size and testing frequency. If you are looking for a focused application security assessment and penetration testing setup, where you get an actionable report for your team and customers, this is the solution for you.
When a program is launched, you will receive vulnerability reports on Cobalt Central, your own application security inbox. Assign reports to your team members via your preferred workflow, such as Jira or GitHub. Clear up questions quickly by asking researchers directly on Cobalt Central, and ensure that your security is hardened as efficiently as possible.
Step through our workflow for a typical Cobalt customer
Job Scoping and Skill Matching
Talk to our experienced security team about your concerns. We’ll review your security needs and requirements to ensure the best security test possible. For each test, we assign a team with skills matched to your application stack.
Manual Testing and OWASP Coverage
Our researchers dive into intensive testing of the URLs within your scope. They ensure coverage of the OWASP Top 10 and apply logical thinking to find the vulnerabilities scanners can’t find. Findings are reported in real time on the platform.
Summary and Findings
At the end of the pentest, all findings are assessed and validated on impact and likelihood by the lead researcher. On top of the individual findings (which are great for your developers), you also receive a beautiful summary report to share.
Fixing, Re-test and Verification
After the test, you can collaborate directly with the security researchers via Cobalt Central on fixing the vulnerabilities. Using a built-in workflow, the researchers will also do re-testing to verify your patches at no extra charge.
Pentest Rating and Researcher Rating
To maintain the highest quality possible and to continuously improve our service, all pentests and researchers get a quality rating. You provide a rating of the pentest, and the individual researchers get rated by their peers.
Repeat as Required
Due to our global talent pool and agile delivery method, we can deliver these penetration tests as frequently as you like. We will support you in building a pentest program that fits your needs and SDLC.