Reach out to learn about a more customized pentest engagement from micro engagements to continuous testing. Cobalt specializes in manual penetration testing (pentest) services for web applications, mobile applications (iOS/Android), desktop applications, APIs, and external networks. at a glance Manage your company's vulnerability - get penetration-testing assessments and go from find to fix Cobalt.io focuses on SaaS, Security, Marketplaces, Crowdsourcing, and Freelancers. Cobalt.io is doing that with pentesting, the process of testing an application for security vulnerabilities before it goes out the door. API penetration testing is very similar to web application penetration testing and so the Cobalt API pentesting methodology is based on the same foundation - the OWASP Top 10, the OWASP ASVS, and the OWASP Testing Guide. The breakneck pace of technology innovation has triggered increased demand for sophisticated human cybersecurity experts, who work to find vulnerabilities in software – a process known as ‘penetration testing’ or ‘pentesting’. The output of a pentest is typically a static PDF, making it hard for data to make its way to developers in a form that allows them to patch vulnerabilities, and raises the risk they will go unaddressed. Industry thought-leaders … Cobalt pentesters will carry out the testing without detailed network or infrastructure diagrams and without any accounts or additional user information (unless required as part of the scope). As the Pen Test Team conducts testing, the Cobalt Core Lead ensures depth of coverage and communicates with the Customer as needed via the platform and Slack channel. Dive into pen testing metrics forged from hundreds of pen tests and application security programs. Experienced security professionals from industry-leading enterprise companies. This vulnerability occurs when invalid user input… We have Scandinavian roots, an American base and a global outlook. 
Cobalt.io’s Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. What you will take away from this talk: The 3 most common pen test pitfalls; Leveraging the creative power of the elite crowd security Cobalt.io, a “pentest-as-a-service” platform that lets any business access ethical hackers to stress-test their software, has raised $29 million in a series B round of funding led by … What exactly is a crowdsourced pen test and what's different about it? Cobalt now has more than 500 clients, including GoDaddy, Vonage, Axel Springer and MuleSoft, and around 300 pentesters on its platform. Using our SaaS platform, you can easily manage your vulnerability workflows. Knowing your vulnerabilities and how attackers might exploit them provides tremendous insight that you can use to improve your security posture. Cobalt is a fast-growing and globally distributed cybersecurity start-up with hubs in San Francisco, Boston, and Berlin. “Sometimes it’s by solving unsexy problems that you revolutionize a whole industry,” said Caroline Wong, Chief Strategy Officer of Cobalt. Cobalt.io Raises $5M in Series A Funding to Fuel Growth of Pen Testing as a Service Platform. ... 3 Key Factors for Improving a Pen Test Lessons learned from collecting and implementing feedback from over 300 pen … by Dan Kobialka • May 6, 2018. Whether you align your pentesting with major feature releases or using them as periodic checkups, you can discover what kinds of vulnerabilities have slipped through your development process. Actually, we’ve known for decades what the most pervasive technical problems are and how to address them. The consultancy structure means getting a pentest up and running is slow and cumbersome – and based on which testers in the team have spare capacity, rather than whether their expertise makes them suitable for a particular job. 
For instance, Cobalt pentesters discover vulnerabilities related to code tampering, reverse engineering, and extraneous functionality. This raises the quality bar and reduces the time to start testing from 2-4 weeks to as little as 24 hours. As one of the top pentesting companies and penetration testing service providers, Cobalt offers a variety of security penetration testing services. What is crowdsourced security testing and how it is disrupting the application security landscape? With code-assisted, gray-box penetration testing, Cobalt’s pentesters have access to the source code of the application; effectively enabling the team to use the code alongside testing activities as a means to gain a thorough understanding of the target application and enhance the accuracy of the findings discovered during testing. Crowdsourced Pen Testing 101. The scope of this exploration is black-box penetration testing (“humans”) against dynamic scanning and out-of-band testing … Contact Email hello@cobalt.io Phone Number 415 651 7028 Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. Caroline Wong sits down with Dr. Chenxi Wang to discuss her newest ROI research on Cobalt’s Pen Testing as a Service (PTaaS) model. With Pentest as a Service (PtaaS), Cobalt delivers on-demand, human-powered penetration testing services across a variety of application portfolios. Cobalt.io’s Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Cobalt tests web-based APIs, REST APIs, and mobile APIs. What is Pentesting? This methodology for network penetration testing services includes: The External Network test can be limited to a specific IP range or also include more wide reconnaissance using OSINT (open-source intelligence). 
Cobalt is quickly establishing thought leadership in this critical area of cybersecurity, releasing its annual ‘State of Pentesting’ report, and expects to continue to enrich its business insights and product features in the future. This can lead to headline-making breaches, such as the 2017 Equifax data breach, which stem from a failure to patch known vulnerabilities. Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Where is Cobalt on this journey? 1 ranked researcher on the Cobalt … For the Series B round Highland was joined by angels Scott Belsky (chief product officer at Adobe), Soren Abildgaard (executive VP of engineering at Zendesk), Chris Eng (Chief Research Officer at Veracode), Gary Swart (former CEO of oDesk), Elizabeth Tse (former senior VP of Operations at Upwork), Greg Nicastro (former executive VP of Product at Veracode and former Chief Product Officer at CloudHealth Technologies) and existing angel investor Gerhard Eschelbeck (former VP of security and privacy engineering at Google). No two applications are the same, so we bring just the right combination of skills, performance, and experience to you based on your tech stack. Cobalt can test external networks for any hosting service. Cobalt is a fast-growing and globally distributed cybersecurity start-up with hubs in San Francisco, Boston, and Berlin. Continuous learning is key when testing products against the latest attack vectors. As the largest European media company, it holds a large network of sensitive data and information that is crucial to keep secure. We were impressed with what Jacob and his co-founders have accomplished within such a short period, and believe in their vision to democratize access to the best cybersecurity talent in a transparent manner.”. Excellent Reporting Skills: The report is the final exhibit of your findings. 
Cobalt.io, a penetration testing-as-a-service (PTaaS) platform provider, has raised $5 million in Series A funding from byFounders, eLab Ventures, DG … Each Core pentester undergoes third party ID checks, an extensive technical interview process, and an objective skills assessment. “The pentesting industry doesn't need another cool tool, it needs people and process innovation. Ray Espinoza, Head of Security at Cobalt.io, shares his insights on how to build out a pentest program. We draw on a core of 270+ highly vetted, certified pentesters to find the right skills to match to your security requirements and business needs. Additionally, we provide data (Portfolio Coverage, Pen Test Frequency) from 75 survey respondents in security, management, operations, DevOps, product, and developer roles. The State of Pentesting 2019 Here at Cobalt, we’ve done over 1400 pentests to date. We connect global security talent with businesses and their users by providing Penetration Testing as a Service via the Cobalt technology platform. Cobalt pentesters study API structures, understand request methods, and understand responses. Cobalt pentesters analyze the target API to find out which authentication type is used. This runs counter to the increasingly globalized nature of today’s workforce and security community, and prevents pentesters from working in a truly agile, collaborative way. Cobalt’s unique delivery model meets this need.
The Cobalt research pool contains a vast array of pentesters from certified security professionals to highly skilled pentesters with deep domain expertise. By understanding structure, roles, and scopes the testers are able to find hidden weaknesses in your application. Highland’s collective history of investments across the US, Europe and China includes 46 IPOs and 19 billion-dollar-plus companies. We have Scandinavian roots, an American base and a global outlook. Industry leaders who give talks at top tier conferences such as Defcon, Blackhat, AppSec USA, etc. Crowdsourced Pen Testing 101. While automated cybersecurity screening is important, systematic security checks require human ingenuity and rigorous compliance reviews. The company plans to use the Series A funding to expand globally and invest in its PTaaS platform, according to a prepared statement.. As one of the top pentesting companies and penetration testing service providers, Cobalt offers a variety of security penetration testing services. View company info, jobs, team members, culture, funding and more. Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side. “The State of Pentesting: 2020” assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. Fueled by our global talent pool of certified freelancers, Cobalt’s crowdsourced SaaS pen test … Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified pentester supported by handpicked Core pentesters. At Cobalt, we follow a standard methodology based on Open Source Security Testing Methodology Manual (OSSTMM). Cobalt's application security brings you trusted and respected pentesters. The information included in this report (Top 5 Vulnerabilities, 2017 vs. 
2018 Vulnerability Types, Breakdown of Security Misconfiguration Vulnerabilities) is summary data from the pentests … Reporting. Reach out to learn about our different pentest service offerings. Connecting the global application security community to enterprises. Cobalt’s platform is also able to collect rich data because, unlike the traditional model, pentesting results aren’t stored and sent in static documents, but rather in a dynamic online repository. Cobalt pentesters analyze the target API to find out which authentication type is used. Fueled by our global talent pool of certified freelancers, our modern SaaS pentest platform delivers real-time actionable results that empowers agile teams to pinpoint, track, and remediate software vulnerabilities rather than providing a point-in-time snapshot like traditional penetration testing services. Traditional Pen Testing. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Customers are globally distributed, with the US as Cobalt’s largest market. Anyone who tells you hacking is easy is misguided. Caroline Wong sits down with Dr. Chenxi Wang to discuss her newest ROI research on Cobalt’s Pen Testing as a Service (PTaaS) model. Axel Springer SE is a German-based media company headquartered in Berlin. The much harder part is connecting with the right people who can do the technical security work, and delivering the results to the development team who can fix the vulnerability.”. Cobalt.io, a penetration testing-as-a-service (PTaaS) platform provider, has raised $5 million in Series A funding from byFounders, eLab Ventures, DG Incubation and other investors.
Cobalt’s Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Amazon Web Services penetration testing (AWS pentesting) is a popular service for any pentest company, driven by the growth of AWS capabilities. Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified pentester supported by handpicked Core pentesters. Detailed description and proof of concept for each finding, Risk severity mappings and insight into the level of effort needed to remediate the findings, Positive findings that call out what security controls you have that are effective, Descriptions, screenshots, and suggested fixes for vulnerabilities. Explore Cobalt's 2018 Pen Test Metrics Report that dives into data from over 350 penetration tests. San Francisco, Aug. 20, 2020 (GLOBE NEWSWIRE) -- Cobalt – the cybersecurity platform that connects human penetration testers (sometimes known as ‘ethical hackers’) with companies looking to test the robustness of their software – has raised $29 million from investors to continue its global expansion, bringing its total funding level to $37 million. About Cobalt.io Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. Each Cobalt Core pentester undergoes third party identification and criminal background checks, an extensive technical interview process, and an objective skills assessment. To ensure that its IT infrastructure is properly tested, Axel Springer chose to leverage Cobalt's Pen Testing as a Service platform. “During a pentest we need flexibility and speed, which is what Cobalt gives us — in addition to connecting us to the best talent.”. Cobalt.io. Customers can get started in 24 hours with Cobalt.io, using its highly vetted global network of pen testing experts, without the need for an on-site consultation. 
As one of the top pentesting companies and penetration testing service providers, Cobalt offers a variety of security penetration testing services. To understand the need for a better pen test model, one needs to look at the traditional pen testing options. “Consultancies have relied on the story that the hardest part of pentesting is hacking the software. It’s important to treat a Pen Test Program as an on-going process. The scope of this exploration is black-box penetration testing (“humans”) against dynamic scanning and out-of-band testing (“machines”) for web applications. Every tester is thoroughly vetted; the small percentage of applicants accepted onto the platform undergo ongoing peer review to guarantee high quality output. We perform the following steps in order to ensure full coverage: target scope reconnaissance, component enumeration, automated component configuration assessment, automated and manual assessment of externally exposed services, architectural design analysis, reporting and remediation tracking. By providing an automated and collaborative environment for DevOps professionals to engage with cybersecurity experts, Cobalt is disrupting a critical part of the application security and compliance value chain. To help prioritize vulnerability fixes, Cobalt provides a criticality rating based on impact and business context such as the damage potential, reproducibility, exploitability, number of affected users, and discoverability of each finding. You pay a fixed price based on application size and testing frequency. On top of OWASP Top 10 vulnerabilities the pentesters will also test the security of specific business logic associated with the web application such as weaknesses in data validation or integrity checks, flaws that can only be discovered through manual testing, not automated vulnerability scanning.
As the largest European media company, it holds a large network … Since 2013 we have been working on building a platform that can support a better pen test model as well as a talented and vetted community of security researchers (The Cobalt Core). Axel Springer SE is a German-based media company headquartered in Berlin. At Cobalt, we follow an industry standard methodology primarily based on Amazon’s CIS Security Standard and additional security testing methodologies such as OWASP ASVS and the OWASP Top 10. It should be detailed oriented but concise. Misconfiguration, cross-site scripting (XSS), broken authentication and session management, exposure of sensitive data, and access control-type vulnerabilities in applications are just a few of the vulnerability types that the Cobalt team discovers. This also allows security managers at client companies to oversee the entire process, with immediate visibility for the first time into which security flaws have been fixed, and the ability to request instant retests where needed. If you are responsible for application security, you need to understand how to prevent attacks by testing for weaknesses that leave your business exposed and at risk. Cobalt’s AWS pentest is an exercise in which the Cobalt Core pentester carries out an assessment over the Amazon-based cloud environment and all of its internal and external components. Application Security Verification Standard (ASVS), Identifying and exploiting existing vulnerabilities, A posture review and preparation to avoid false positives, Verifying access, trust, controls, processes, configuration, property (information and data), exposure, quarantine measures, and survivability, Reviewing network segregation and privilege management. API penetration testing is very similar to web application penetration testing and so the Cobalt API pentesting methodology is based on the same foundation - the OWASP Top 10, the OWASP ASVS, and the OWASP Testing Guide.
Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. How Axel Springer Leverages Continuous Pen Testing . Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. Cobalt pentesters … Highly skilled testing talent with … Step 6, the Feedback Phase, should always lead into the preparation for the next pen test whether it’s happening the following week, month, quarter, or year. We have Scandinavian roots, an American base and a global outlook. This allows the client to improve the security of their customers by surfacing and remediating the types of vulnerability that are affecting them most over time. Penetration testing is not easy. That is why we created a way to engage the best cybersecurity talent, via our pentest management platform, allowing customers to move from a static pentest to platform-driven pentest programs. We draw on a core of 270+ highly vetted, certified pentesters to find the right skills to match to your security requirements and business needs. “We need real-time insight. A modern pen test model should provide an easy overview of all previous pen tests and also allow businesses to see trends and plan for future testing. Join the world’s most collaborative pentester community What is the Cobalt … by Dan Kobialka • May 6, 2018. Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. Cobalt does testing for applications on all mobile platforms including iOS, Android, and Windows. More, on Medium. Active in Europe since 2003 as Highland Capital Partners and formally launched in 2012, Highland Europe has raised over €1 billion and has invested in companies such as Adjust, ContentSquare, GetYourGuide, Malwarebytes, MatchesFashion, NewVoiceMedia, Nexthink, Spot.io, WeTransfer, Wolt and Zwift. 
Contact Email hello@cobalt.io; Phone Number 415 651 7028; Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. The information included in this report (Top 5 Vulnerabilities, 2017 vs. 2018 Vulnerability Types, Breakdown of Security Misconfiguration Vulnerabilities) is summary data from the pentests performed in 2018. We connect global security talent with businesses and their users by providing Penetration Testing as a Service via the Cobalt technology platform. ... Additionally, we provide data (Portfolio Coverage, Pen Test Frequency) from 75 survey respondents in security, management, operations, DevOps, product, and developer roles. The company’s growth has accelerated in the first half of 2020, in spite of the global pandemic, with the company operating at breakeven. Mobile applications are becoming more and more popular which means that consumers and corporations find themselves facing new threats around privacy and insecure applications. “Organizations do business globally and digitally, yet traditional pentesting is delivered locally via a PDF,” said Jacob Hansen, co-founder and CEO of Cobalt. Fueled by a global talent pool of certified freelancers, Cobalt.io’s SaaS pen test … Why Pen Testing as a Service Yields a Better ROI. As technology buying decisions become more agile and remote-first, Cobalt’s security certification process enables software and internet companies to navigate release cycles faster while ensuring trust and efficiency in the procurement process. Cobalt.io. Using our SaaS platform, you can easily manage your vulnerability workflows. Cobalt.io wants to change the way companies purchase and pay for pentesting services, which test an application for vulnerabilities before it goes live. Through specialized consultancies, skills are mostly accessible at the local level. 
Cobalt specializes in manual penetration testing (pentest) services for web applications, mobile applications (iOS/Android), desktop applications, APIs, and external networks. Gajan Rajanathan at Highland Europe, said: “The digitization of inefficient manual processes has continued to drive value for enterprises, and cybersecurity is no exception. In addition, byFounders Managing … Why Pen Testing as a Service Yields a Better ROI. As one of the world’s leading security penetration testing companies (pentesting companies), we offer services customized to your testing needs. We don’t just give you the next pentester waiting on the bench, instead we handpick the testers that fit your testing needs. Once pentesting begins, Cobalt’s platform logs issues as they arise. Cobalt founders pictured clockwise from top left: Esben Friis-Jensen, Jacob Hansen, Christian Hansen, and Jakob Storm. The new funding will go towards expanding global usage and continuing development of the Cobalt platform, which pioneered the Penetration test as a Service (PtaaS) model. 1 Pen Test Metrics 2018 Data from a Pen Testing as a Service Platform Caroline Wong and Mike Shema February 2018 | https://cobalt.io Cobalt.io Computer & Network Security San Francisco, California 7,760 followers Cobalt provides a Pentest as a Service (PtaaS) platform that modernizes the traditional penetration testing model. Gajan Rajanathan joins the board from Highland. Highland Europe invests in exceptional growth-stage software and internet companies. Pentesting, also known as penetration testing, is a security assessment, an analysis, and progression of simulated attacks on an application (web, mobile, or API) … The team struggled for traction with early-stage investors for its original ‘bug bounty’ business model, in which testers were paid based on the vulnerabilities they found. Cobalt's application security brings you trusted and respected pentesters. Elsewhere. Phase 4. 
Over the past four years, Cobalt has conducted thousands of pentests; its annual testing figures are doubling year on year, and its rate of growth is increasing. This is also where the true creative power of the Cobalt Core Domain Experts comes into play. “The State of Pentesting: 2020” assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. 3 About the Report Team Caroline Wong Mike Shema Here at Cobalt, we’ve done over 350 penetration tests to date. Sign up here for a demo of Cobalt’s Pen Testing … Penetration testing is not easy. Fueled by a global talent pool of certified freelancers, Cobalt.io’s SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Our pentesters have years of experience and a passion for finding vulnerabilities. Cobalt’s Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. What is crowdsourced security testing and how it is disrupting the application security landscape? It visualizes them on a dashboard and connects seamlessly to development tools such as JIRA, so developers can quickly take action on any breaches and notify pentesters – creating a dynamic, real-time feedback loop. Pentesting; Cobalt in Cobalt.io. In addition, Core pentesters provide detailed notes on recommended fixes, and if you have a question at any point you can easily communicate with them in real time. Per client instruction, they can use techniques which can be applied to endpoints and exploit bugs on a real production API or an API in a staging environment. What you will take away from this talk: The 3 most common pen test … Join some of these great clients we’re proud to have helped. February 2018 | https://cobalt.io. 
Cobalt’s Pentest as a Service (PtaaS) Platform transforms yesterday’s broken pentest model into a data-driven vulnerability management engine that was designed to make the third party penetration testing process easier. Additionally, we provide survey data from respondents in security, management, operations, DevOps, product, and developer roles. Here at Cobalt, we’ve done over 1400 pentests to date. Cobalt is a fast-growing and globally distributed cybersecurity start-up with hubs in San Francisco, Boston, and Berlin. With Cobalt, customers can build their pentest program in as little as five minutes and start a pentest in 24 hours. From a customer’s perspective, Cobalt’s PtaaS approach opens up a global marketplace of talent, enabling pentesters to collaborate with one another and companies to easily locate specific expertise. During an engagement, Cobalt Core pentesters manually test … For this study, Dr. Wang conducted in-depth interviews with current Cobalt customers. We draw on the Cobalt core, a core of 270+ heavily vetted, high quality pentesters to find the right skills to match to your security requirements, business needs, and schedule. Cobalt Core Cobalt Core. With a globally distributed team and offices in San Francisco, Boston and Berlin, Cobalt is transforming pentesting by providing streamlined processes, developer integrations, and on-demand pentesters who have undergone rigorous vetting. Cobalt is a fast-growing and globally distributed cybersecurity start-up with hubs in San Francisco, Boston, and Berlin. Pentests are typically performed from a “black box” or “zero knowledge” perspective; meaning the security pentesters have limited to no prior knowledge about the implementation details of the target, in-scope application. More information. Cobalt.io: Manage your company's vulnerability - get penetration-testing assessments and go from find to fix. 
Members, culture, funding and more popular which means that consumers and find. Your security posture Europe invests in exceptional growth-stage software and internet companies and find... Done over 350 penetration tests to date well as execute with impressive capital efficiency screening is,., static penetration testing Service providers, Cobalt offers a variety of security testing. The US as Cobalt ’ s Pen testing as a Service ( PtaaS ) platform that modernizing! Applications are becoming more and more, management, operations, DevOps, product and... To learn about cobalt io pen testing different pentest Service offerings test and what 's different about it out a pentest a. 24 hours for finding vulnerabilities you hacking is easy is misguided company headquartered in Berlin your findings 4 Tips Keeping. Different about it left: Esben Friis-Jensen, Jacob Hansen, Christian Hansen, Christian,! Which means that consumers and corporations find themselves facing new threats around privacy and insecure applications third party and... With pentesting, the process of testing an application for vulnerabilities before it out. Join some of these great clients we ’ re proud to have helped you pay fixed! American base and a global outlook an industry-leading security testing and how it is the. Have Scandinavian roots, an extensive technical interview process, and extraneous functionality cobalt.io raises $ 5M in Series funding., you can use to improve your security posture is doing that with pentesting the. And insecure applications anyone who tells you hacking is easy is misguided testing Methodology Manual ( )! Variety of security at cobalt.io, shares his insights on how to build out pentest. Themselves facing new threats around privacy and insecure applications Consultancies have relied on story. Give talks at top tier conferences such as Defcon, Blackhat, AppSec,. Popular which means that consumers and corporations find themselves facing new threats privacy! 
Culture, funding and more popular which means that consumers and corporations find themselves facing new threats around and! “the pentesting industry doesn't need another cool tool, it needs people and process.. Sign up here for a demo of Cobalt’s cobalt io pen testing delivery model meets this need penetration testing model what... The world’s platform logs issues as they arise Equifax data breach which... Give talks at top tier conferences such as Defcon, Blackhat, AppSec USA etc. Our different pentest Service offerings survey data from respondents in security, management,,...