Cobalt Enhances Continuous Testing Capabilities, Including Attack Surface Monitoring on its Platform, Providing Visibility into External Threats and Risk Insights

The advanced features bolster automated scanning capabilities and strengthen offensive security measures in conjunction with API scanning and a streamlined integration builder

SAN FRANCISCO, Sept. 18, 2024 – Cobalt, the pioneer of Pentest as a Service (PtaaS) and leading provider of offensive security solutions, today announced new features for its Attack Surface Monitoring (ASM), including updates to its DAST scanner, a workflow builder with more than 50 integrations for streamlined findings, and an updated homepage for a unified view of security insights and an industry-first pentest planning where customers can build-out their testing program proactively The features are now live on the Cobalt platform.

One of the biggest cybersecurity challenges for enterprises today is gaining full visibility into their external attack surface and understanding its risks. As the attack surface continues to grow, security teams need comprehensive insight into all external-facing assets. That’s what makes these new features crucial. They provide customers with continuous, automated security testing in addition to expert-led pentests to strengthen their defenses against cyberattacks.

“Efficient planning and focused, continuous testing automation are key capabilities for a robust offensive security strategy," said Jason Lamar, Cobalt SVP of Product. “Our scanners enable customers to swiftly identify vulnerabilities in their web applications, while ASM offers a complete view of their attack surface, allowing them to manage risks with precision. Our pentests go beyond automated tools, detecting threats only human intelligence can uncover, providing customers with a deeper level of protection. As attack surfaces grow and budgets tighten, businesses need efficient, intuitive solutions to understand and mitigate risks. At Cobalt, we combine cutting-edge technology with expert insights from our trusted security community to deliver intelligent risk remediation—ensuring your path to innovation remains secure."

Cobalt’s platform updates help support better attack surface discovery, continuous asset visibility, and faster remediation, including:   

• Enhanced Homepage and Pentest Planning: The revamped homepage provides immediate insights into remediation trends and upcoming pentests, plus findings from automated tests. See and plan your pentest scheduling with unparalleled efficiency.
• Streamlined Findings with Integration Builder: Cobalt’s Low-Code Integration Builder simplifies integrating findings into systems like Jira, GitHub, Azure DevOps, and ServiceNow. It now supports more than 50 integrations, webhooks, and direct API access.
• Attack Surface Monitoring: now includes automated security checks for exposed credentials, generic tokens, weak cipher suites, missing security headers, and takeover risks. 
• API Scanning: Cobalt’s built-in scanner now supports standalone API scanning, ensuring automated vulnerability assessments for both APIs and web applications.

The new enhancements to Cobalt’s purpose-built offensive security platform and product roadmap build on a highly successful period for the company. In 2024, G2 recognized Cobalt as a Leader in the Enterprise Penetration Testing Software category. The company was also named the sole Outperformer in GigaOm's Radar for Penetration Testing as a Service for two consecutive years, starting in 2023. Cobalt Labs has been recognized as a Sample Vendor for Penetration Testing as a Service in the July Gartner® Hype Cycle™ for Security Operations, 2024 and Hype Cycle™ for Application Security, 2024 reports. 

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and HYPE CYCLE is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications,

and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Cobalt

Cobalt combines talent and technology with speed, scalability and resilience. Our award-winning Pentest as a Service (PtaaS) model empowers organizations to keep pace with their evolving attack surface and agile software development lifecycles. Thousands of customers and hundreds of partners rely on Cobalt's modern SaaS platform and exclusive community of more than 400 trusted security experts to secure applications, networks, and devices. We deliver security testing that supports business drivers, maximizes internal resources, and creates stronger security programs so that organizations can operate fearlessly and innovate securely.