Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

What is a Pentest?

What is a Pentest?

What is Manual Pentesting?

Manual penetration testing is an approach to security testing that layers human expertise on top of professional penetration testing software and tools, such as automated binary static and automated dynamic analysis. Pentesting software is great at discovering problems with standard vulnerability classes but is unable to detect certain design flaws.

A manual pentest performed by a skilled pentester is required to provide complete coverage including design, business logic and compound flaw risks that can only be detected through manual (human) testing.

Pentest as a Service vs
Traditional pentesting

1— Trusted Talent

When beginning a pentest engagement customers gain access to Cobalt’s large, diverse talent pool. Cobalt matches pentesters to each project based on a pentester skill set and experience with the technology stack of each application or network. So you don’t just get whichever generalists are available, but the pentesters who best match the specific project.

2— Effective Workflows

Cobalt’s collaborative platform allows you to more easily manage all your pentest findings compared to a traditional PDF pentest report. These findings can also be directly integrated into your development lifecycle workflow via bug tracking systems such as JIRA and GitHub.

3— Collaborative Platform

Customers are able to communicate in real-time with the pentester who discovered each vulnerability making the testing and re-testing much faster. You no longer have to wait up to two weeks after testing is completed to receive your pentest report, as you did with traditional pentesting.

4— On-Demand Scheduling

Due to how Cobalt schedules and tracks the availability of our pentesters, scheduling is much faster and typically happens within 48 hours instead of a matter of weeks.

Pentest as a Service Life Cycle


You can now answer the question: What is penetration testing? But you may have a new question: What is Pentest as a Service? Pentest as a Service can be understood as a 6 step cycle: Preparation, Kick-Off, Testing, Reporting, Re-Test, and Feedback. If you are interested in learning more check out this blog post.