There are three big problems with the traditional pentesting model: As a result, most organizations only perform pentesting once or twice a year, despite hackers updating their arsenal of tools much more frequently – and in conditions which mean they’re not getting the best value, and not receiving readily actionable results. Each Core pentester undergoes third-party ID checks, an extensive technical interview process, and an objective skills assessment. There is a wide array of knowledge one must acquire to even get started — coding languages, attack vectors, testing methods, frameworks that you need to have hands-on experience with, and, last but not least, learning how to gain access to code given obfuscation and encryption. As one of the world’s leading security penetration testing companies (pentesting companies), we offer services customized to your testing needs. Customers can get started in 24 hours with Cobalt.io, using its highly vetted global network of pen testing experts, without the need for an on-site consultation. Dive into pen testing metrics forged from hundreds of pen tests and application security programs. Explore Cobalt's 2018 Pen Test Metrics Report that dives into data from over 350 penetration tests. Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) … This runs counter to the increasingly globalized nature of today’s workforce and security community, and prevents pentesters from working in a truly agile, collaborative way. “We need real-time insight. Cobalt's application security brings you trusted and respected pentesters. By providing an automated and collaborative environment for DevOps professionals to engage with cybersecurity experts, Cobalt is disrupting a critical part of the application security and compliance value chain.
To ensure that its IT infrastructure is properly tested, Axel Springer chose to leverage Cobalt's Pen Testing as a Service platform. From a customer’s perspective, Cobalt’s PtaaS approach opens up a global marketplace of talent, enabling pentesters to collaborate with one another and companies to easily locate specific expertise. The company plans to use the Series A funding to expand globally and invest in its PTaaS platform, according to a prepared statement. We draw on the Cobalt Core, a core of 270+ heavily vetted, high quality pentesters to find the right skills to match to your security requirements, business needs, and schedule. How Axel Springer Leverages Continuous Pen Testing. Highly skilled testing talent with … With a globally distributed team and offices in San Francisco, Boston and Berlin, Cobalt is transforming pentesting by providing streamlined processes, developer integrations, and on-demand pentesters who have undergone rigorous vetting. The company’s growth has accelerated in the first half of 2020, in spite of the global pandemic, with the company operating at breakeven. Fueled by our global talent pool of certified freelancers, our modern SaaS pentest platform delivers real-time actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities rather than providing a point-in-time snapshot like traditional penetration testing services. Axel Springer SE is a German-based media company headquartered in Berlin. Anyone who tells you hacking is easy is misguided. Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Step 6, the Feedback Phase, should always lead into the preparation for the next pen test whether it’s happening the following week, month, quarter, or year. At Cobalt, we follow a standard methodology based on the Open Source Security Testing Methodology Manual (OSSTMM).
Cobalt.io, a penetration testing-as-a-service (PTaaS) platform provider, has raised $5 million in Series A funding from byFounders, eLab Ventures, DG … About Cobalt.io. Cobalt’s web application penetration testing service leverages the Open Web Application Security Project (OWASP) Application Security Verification Standard (ASVS) and the OWASP Testing Guide, which together create a comprehensive framework for assessing the security of web-based applications, as the foundation for our web application assessment methodology. Contact email: hello@cobalt.io; phone number: 415 651 7028. Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. … Cobalt can test external networks for any hosting service. Cobalt does testing for applications on all mobile platforms including iOS, Android, and Windows. What exactly is a crowdsourced pen test and what's different about it? About the Report Team: Caroline Wong, Mike Shema. Here at Cobalt, we’ve done over 350 penetration tests to date. We connect global security talent with businesses and their users by providing Penetration Testing as a Service via the Cobalt technology platform. Join some of these great clients we’re proud to have helped. He examines what a pentest program is, its makeup, the value it can add, and how to get the most out of a programmatic approach. We have Scandinavian roots, an American base and a global outlook. You pay a fixed price based on application size and testing frequency. Industry leaders who give talks at top tier conferences such as Defcon, Blackhat, AppSec USA, etc. The information included in this report (Top 5 Vulnerabilities, 2017 vs. 2018 Vulnerability Types, Breakdown of Security Misconfiguration Vulnerabilities) is summary data from the pentests performed in 2018.
San Francisco, Aug. 20, 2020 (GLOBE NEWSWIRE) -- Cobalt – the cybersecurity platform that connects human penetration testers (sometimes known as ‘ethical hackers’) with companies looking to test the robustness of their software – has raised $29 million from investors to continue its global expansion, bringing its total funding level to $37 million. Cobalt specializes in manual penetration testing (pentest) services for web applications, mobile applications (iOS/Android), desktop applications, APIs, and external networks. Cobalt.io Credits unlock flexible pentest consumption, allowing businesses to start a pentest in 24 hours; Cobalt.io surpasses 500 customers, including HubSpot, Palo Alto Networks, and … Cobalt is a fast-growing and globally distributed cybersecurity start-up with hubs in San Francisco, Boston, and Berlin. Traditional Pen Testing. Cobalt.io’s Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Why Pen Testing as a Service Yields a Better ROI. Using our SaaS platform, you can easily manage your vulnerability workflows. Actually, we’ve known for decades what the most pervasive technical problems are and how to address them.
“The pentesting industry doesn't need another cool tool, it needs people and innovation.”