Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

The State of Pentesting 2021

The State of Pentesting 2021

The State of Pentesting 2021

We dive into data from 1,602 pentests performed in 2020 on Cobalt's Pentest as a Service (PtaaS) platform and 601 survey responses for a comprehensive look at the state of pentesting to date. We uncover a broad mixture of vulnerabilities, pain points, workflow challenges, and suggestions on how pentesting can become a more effective layer of defense.

Stronger together.

Cobalt Vulnerability Wiki

The State of Pentesting 2021 Webinar


Pentester Diaries Ep7: Tips for Communicating with Customers


451 Research Insight Report on Cobalt PtaaS Model


Get to Know the Cobalt Core


Pentester Diaries Ep6: The Importance of Report Writing


Services Brief: Advisory Services


Webinar: How to Stay Audit-Ready & Bolster Your ISO 27001 Compliance Readiness with Cobalt & Tugboat Logic


Pentester Diaries Ep5: Understanding Severity Ratings


Live Demo of the Cobalt Platform


Webinar: 6 Steps to Building a Pentest Program for SOC 2 Compliance


Pentester Diaries Ep4: Beyond Security Hygiene


Beginner's Guide to Compliance Driven Pentesting


Pentester Diaries Ep3: Time Management & Pentest Organization


Pentester Diaries Ep2: 2FA Bypass Techniques


SANS Pentest as a Service with Cobalt


Security Maturity Assessment: Is your security program reliable?


Pentester Diaries Ep1: Understanding Business Logic


Pentesting in DevOps: A How-To Guide


A Comprehensive Guide to Building a Pentest Program


Pentest as a Service Impact Report 2020


Security Touch Points in the Big Data Lifecycle


From Pen Test to Pentest


Structure Your AppSec Team for Success


Why HubSpot Moved to a Tech-Forward Approach to Pentesting


Trust + Expertise: Why Talkdesk Chose Cobalt for Pentesting


Top 4 Reasons to be ISO 27001 Compliant


Building an AppSec Budget Based on Risk Tolerance


The Challenge of Traditional Pentesting in a Modern Software Dev Environment


How customer collaboration during a pentest can lead to finding a RCE


From the Basement to the Boardroom — AppSec Business Impact is on the Rise


AppSec Testing Approaches


Nurturing the Security Mindset


A Manager’s Guide to Selecting the Best Testing Approach for Your Application Security Needs


The Challenges of Threat Modeling Modern Applications


How to Build an Efficient Security Vendor Management Process


5 Things a Pentester Looks for When Evaluating an Application


Shift AppSec Virtual Conference


OWASP Top 10 is a Good Start. Now What?


Guide to Gamifying Security: It Takes Security + Dev


What is Pentest as a Service?


Humans of InfoSec Podcast Recap Newsletter


How Pentest as a Service saves Smarsh time & money


How movingimage Stays Agile with Pentest as a Service


Three Signs It’s Time to Rethink Your PCI Pentesting


How Axel Springer Leverages Continuous Pentesting


2018 Pentest Metrics


How Algolia Increases Security Without Slowing Development


Cobalt 2018 Growth: European Expansion


DevSecOpsLIFE Episode 6 - Caroline Wong


Jeff Forristal: Guide to API Security Testing


Pentest as a Service Life Cycle Infographic


A new kind of security podcast: Humans of InfoSec


Analyst Research: ROI of Pentest as a Service


How to Choose a Pentesting Service


Security Testing for SaaS Startups


Cost Metrics: Exploring Pentest as a Service


Cobalt Makes Pentesting Fun for dscout


Vendor Security Questionnaires: The Buyer’s Perspective


The 6 Stages of Pentest as a Service


Analyst Webinar: Optimizing your Pentest Budget


7 Steps to Building a Yearly Pentest Plan


A Modern Approach to Pentesting


Women in Cybersecurity: A Progressive Movement


New Alternatives to Bug Bounty Programs


Leveraging Crowdsourced Security


Pentest Metrics


Pentesting for SaaS Companies


Crowdsourced Pentests and Vendor Risk Management


A Promethean Struggle: PCI's Lessons for Passwords


The Flaws in Hordes, the Security in Crowds


Crowdsourced Pentesting 101


Effective AppSec Metrics with Caroline Wong


How to Survive a Vendor Questionaire


Software Development Lifecycle #FAILS


Pentest Metrics: Data from the AppSec Trenches


Crowdsourced Pentesting


What's Making Modern AppSec Effective?


Pentest Self-Assessment Questionnaire


The State of Pentesting 2021


AppSec ABCs Children's Book


A Practitioner’s Guide to Application Security


From the Basement to the Boardroom — AppSec Business Impact is on the Rise