Cobalt Reviews & Product Details

Charles B.
Senior Software Engineer
Mid-Market (51-1000 emp.)
Validated Reviewer
Review source: Organic
What do you like best about Cobalt?

Cobalt has a built-in "engineering rotation" system where you can leverage their entire talent pool of pentesters to gain new perspectives from your engagements. The rotation in engineers has been revolutionary in ensuring we're patching issues that previous passes may not have covered, and we're always getting fresh results. Review collected by and hosted on G2.com.

What do you dislike about Cobalt?

We've loved interacting with Cobalt! Their dashboard is easy to understand and provides a "managers view" of the findings. The test/re-test cycle happens within 48 hours, and our experiences have all been met, and exceeded in our three engagements. I would undoubtedly recommend Cobalt to any company that has pentesting needs.

Recommendations to others considering Cobalt:

Have an honest conversation with your account representative, and take some time up-front to meet with the engineers performing the engagement. Having everyone aligned and expectations managed before receiving the report will contribute to a happy outcome where the findings are identified, re-tests validate you've completely patched the finding. This ensures you're set up for a happy engagement.

What problems is Cobalt solving and how is that benefiting you?

We initially engaged Cobalt to satisfy a "check box" in a security review for a partner. Since the first engagement, our relationship has grown to include them as part of our release process. Not only do they test our apps, but through the discipline of the pentesters, we've also patched a few findings in our Kubernetes runtime that they found and continue to engage with them to improve our overall security posture as a company. They are partners in the space, and we couldn't be happier with them.

Cobalt Overview

What is Cobalt?

Cobalt unifies the best of human security talent and effective security tools. Our end-to-end offensive security solution enables customers to remediate risk across a dynamically changing attack surface. We are best known for the speed and quality of our pentests, and driven by customer demand, we now offer a broad range of testing products and security services to support the needs of AppSec and InfoSec teams. Since 2013, we have secured over 10,000 assets, conducting over 4,000 pentests in 2023 alone. Over 1,300 customers rely on Cobalt, and our Cobalt Core of 450 elite pentesters. Our expert testers average 11 years of experience and hold top certifications. Combining the knowledge of the Core with the purpose-built Cobalt platform, we provide continuous collaboration through any engagement, including real-time findings reporting, access to Attack Surface Monitoring and Dynamic Application Security Testing (DAST), as well as integrations into over 50 business systems including Slack, Jira, and ServiceNow to speed remediation efforts.

Cobalt Details
Languages Supported
English
Product Description

Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test budget.

How do you position yourself against your competitors?

Our Pentesting as a service (PtaaS) approach delivers a comprehensive Pentesting and Offensive Security solution by combining an intuitive technology platform with an exclusive community of trusted, on-demand security experts. With pentests that start in as little as 24 hours, Cobalt provides the real-time insights you need to validate and remediate risk quickly and innovate securely. Our testing process from scheduling to remediation is 50% faster than traditional methods, with a depth and quality you won’t get from automated tools or low-budget pentest providers. Leave the offensive security testing to us, and focus on what matters most for your business.


Seller Details
Seller: Cobalt
Year Founded: 2013
HQ Location: San Francisco, California
Twitter: @cobalt_io (8,647 Twitter followers)
LinkedIn® Page: www.linkedin.com (464 employees on LinkedIn®)

Overview Provided by: Jacob F.

Recent Cobalt Reviews

alexbreban .
Enterprise (> 1000 emp.)
5.0 out of 5
"Pentest as a service - what a great business model"
CobaltIO is the best pentesting company I worked with. What makes them different is the manual testing of any discovered vulnerability rather than ...

Joe D.
Mid-Market (51-1000 emp.)
4.0 out of 5
"Professional and timely"
Professional and timely service for our company

Nishchay P.
Mid-Market (51-1000 emp.)
4.5 out of 5
"Professional and Thorough Penetration Testing Service"
We engaged Cobalt to perform a penetration test on a small application, including some API testing. Our experience was very positive. Their team wa...

Cobalt Media

Cobalt Demo - Offensive Security Platform Home
Integrate multiple testing capabilities and expert services in one solution.
Cobalt Demo - Pentest Planning in the Cobalt Platform
An overview of upcoming or recently completed penetration tests.
Cobalt Demo - Platform Engagements
Explore multi-product offerings from Cobalt ranging from Pentest to Digital Risk Assessments, Red Teaming to IoT Testing, and more.
Cobalt Demo - Pentest as a Service Findings
A consolidated view of your penetration test findings including vulnerability severity levels and more.
Cobalt Demo - Cobalt Platform Integrations
Overview of different platform integrations.
Cobalt Demo - DAST Scan Reports
A comprehensive scan of web assets and APIs to uncover vulnerabilities and provide a clear understanding of your risk posture.
Cobalt helped Progyny speed up their client onboarding process, retain customer trust, and ensure the technical safety of their applications. This relationship has helped keep Progyny's sensitive healthcare information secure

111 out of 112 Total Reviews for Cobalt

4.6 out of 5
alexbreban .
Chief Information Security Officer
Enterprise (> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
Incentivized Review
What do you like best about Cobalt?

CobaltIO is the best pentesting company I worked with. What makes them different is the manual testing of any discovered vulnerability rather than running automated pen tests. They use common tools for this which would be available to everyone but at the same time they compensate that with their skills and knowledge. Cobalt is the only company I know which is very transparent on their testers' recruitment criteria and staging. Customer support is great and very helpful.

What do you dislike about Cobalt?

Nothing I can think of would influence my decision into looking around for other testing companies.

What problems is Cobalt solving and how is that benefiting you?

Cobalt brings in an army of experienced testers. Having one internal tester as an employee may not be a good idea from an efficiency vs business value perspective. Each time you may get a different tester with different skills and perspective. Pentest is an audit and auditors are different in how they see things.

Nishchay P.
QA Automation Engineer
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
What do you like best about Cobalt?

We engaged Cobalt to perform a penetration test on a small application, including some API testing. Our experience was very positive. Their team was professional and conducted thorough manual security testing tailored to our specific business use case. They followed industry-standard security practices and guidelines throughout the process. We appreciated the quality of their work. Overall, we are very satisfied with the service and would recommend them for application security testing.

What do you dislike about Cobalt?

The pen tester was not involved at the start, so we had to explain the project multiple times—first to the sales team, then to the account manager, and finally to the tester. Streamlining this process would enhance the overall experience and would save a lot of our effort to prepare the documents and video recordings of our requirements.

What problems is Cobalt solving and how is that benefiting you?

Cobalt solves the challenge of finding experienced security professionals to carry out in-depth penetration testing for our applications. This helps us identify vulnerabilities in our system, ensuring that our application is secure and compliant with security best practices.

Max M.
Lead Backend Engineer
Small-Business (50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
What do you like best about Cobalt?

Once you have the guidelines setup, the rest of the process is very straightforward and insightful. The Cobalt team assigned to our pen test was communicative, helpful, and seemingly experienced and thorough. Cobalt communication with regard to testing updates and status is stellar. They check almost all the boxes when it comes to technical attack vectors. They also provide an easy to follow checklist for setting up and completing the penetration test.

What do you dislike about Cobalt?

Setting up the penetration test and providing all of the necessary details and documents is a bit tedious, but I think it's reasonable that context and direction is needed in order to perform a thorough test. Still, some of the instructions could be more detailed and/or the Cobalt team could take the lead more on gathering information.

What problems is Cobalt solving and how is that benefiting you?

Penetration testing a software application thoroughly and without the insider context of an employee that could lead to an inadequate test.

Stephen G.
Senior Information Security Engineer
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
What do you like best about Cobalt?

Cobalt Pentest has been an invaluable asset for me as it helps me to facilitate tasks better. The platform's seamless integration with our existing ticketing and messaging systems helps to streamline our workflow and communication.

The platform's ability to conduct both DAST and attack surface scanning provides additional resources and scans to help us gather a better understanding of our security posture. The setup process was straightforward, and the customer service team has been extremely helpful and responsive.

The pentest engagements we've had have been conducted smoothly. The pentesters helped during the pentest and even once the pentest was finished with their detailed report for all of the vulnerabilities.

What do you dislike about Cobalt?

To date, I've been highly satisfied with Cobalt Pentest's services. I look forward to continuing our partnership and deepening our collaboration with their skilled pentesters.

I wish that Cobalt maintains rigorous quality standards for their pentesters and conducts thorough Know Your Employee (KYE) vetting. This commitment to quality assurance ensures that we receive top-tier penetration testing services.

What problems is Cobalt solving and how is that benefiting you?

Cobalt Pentest has been invaluable in helping us meet industry framework requirements for mandatory penetration testing reports. Their ability to generate various types of reports tailored to specific frameworks has significantly streamlined our compliance efforts.

Additionally, Cobalt's services have been instrumental in addressing our resource constraints. By partnering with them, we've been able to efficiently conduct thorough penetration tests.

V
Security Engineer - II
Small-Business (50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
Incentivized Review
What do you like best about Cobalt?

1. The quality of security assessment on the application performed by the pentester.

2. Quality security issues with all details including steps to reproduce, POC and remediation step ease the access to implement the fix.

3. I also like the report generation from the dashboard.

4. The customer support is helpful and promptly responds to the queries.

What do you dislike about Cobalt?

There's really nothing to dislike about Cobalt.

What problems is Cobalt solving and how is that benefiting you?

1. Annual External Pentest Activity: To meet compliance requirements, we get pentest activity done on time and also get the report for the same on time.

2. Security Findings: Pentester from Cobalt always report quality findings with us and the report contains all the necessary details about the vulnerability.

3. Report: The report generated for performed pentest contains each details with metrics.

4. Platform: The UI is really easy to use.

5. Support: The support team of Cobalt is doing amazing work, recently I have some queries and I got the resolution promptly.

JS
Product Manager
Computer Software
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
What do you like best about Cobalt?

Provides excellent penetration testing. But, not only do you get tickets with the results, they also provide suggested fixes for each of the issues they uncover, saving your engineering team research time. Excellent communication from our pentester as well.

What do you dislike about Cobalt?

Since we pentest yearly, it had been almost a year since I logged in and I could not get my previous account to work. CS solved it for me, but it was a bit of a time sink trying to get back in to start the process.

What problems is Cobalt solving and how is that benefiting you?

We use Cobalt for penetration testing; they use every means at their disposal to test your security and point out weaknesses that need to be addressed.

Verified User in Information Technology and Services
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
What do you like best about Cobalt?

Cobalt is a cost effective solution for penetration testing. Over the years, I have spoken to many firms and vendors regarding penetration testing, and the range of cost is pretty large. I have used several of them, and it is often hard to determine if you are getting the true value with higher cost. With Cobalt, they have a pool of researchers that could be working on your project. The benefit is that you can have different ones if you prefer every year, which could potentially find new issues since they might have approaches. Additionally, the overhead of running a pentest is pretty low as there are no weekly progress meetings etc. Overall, I have been a happy customer.

What do you dislike about Cobalt?

The effectiveness of the pentest will be dependent on the researcher to a certain extent. If you don't know the researcher, you might want to do some research but the public info can be limited. Another concern is that if they are testing in your production environment, then the data access can be a risk if you have sensitive data. In which case, I might want to hire a firm with full time employees.

What problems is Cobalt solving and how is that benefiting you?

External penetration test service can be time consuming and expensive. Cobalt addresses those two issues for us.

Verified User in Security and Investigations
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
Incentivized Review
What do you like best about Cobalt?

The best part while working with the Cobalt team was their descriptive daily updates on the pentest with all possible scenarios they tested.

All their updates are posted in a professional manner with easy to understand terms.

The findings reported by them have a very good template with detailed PoC and screen shots. The report is easily understood when shared with customers. They also justify the severity reported for the findings.

They ensure to deploy a team of skilled pentesters to get the job done. Overall their service gets the job done and the report is crafted in a very professional way.

What do you dislike about Cobalt?

One drawback observed was that if the application is complicated or has a lot of features, some in-depth coverage is missed out. On several occasions, few pentest issues were found by internal pentesting team that was missed out by Cobalt team. This probably happens cause the same pentesting team is not during the next round of pentest. Something that they can improve upon.

What problems is Cobalt solving and how is that benefiting you?

Cobalt helps us with the external pentest report which is a mandate for our customers.

Verified User in Computer Software
Small-Business (50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
Incentivized Review
What do you like best about Cobalt?

The timely response from their team with each and every finding. They provide detailed explanations for each finding and how to reproduce it. The report they provide after the completion of the pen test is very helpful and easy to use for different compliance standards. The portal is user-friendly and intuitive. The integration with Slack is extremely helpful for keeping track of updates. Their support over Slack is outstanding throughout the entire process.

What do you dislike about Cobalt?

The documentation to use the product can be improved.

The portal is user-friendly but a detailed tutorial or documentation will help users to navigate and use the advanced features available.

What problems is Cobalt solving and how is that benefiting you?

We need penetration testing for compliance and certifications like SOC 2, as well as for production readiness and identifying security gaps. Cobalt helps us meet these compliance requirements while ensuring our systems are secure and production-ready. Their detailed reports highlight vulnerabilities and provide clear guidance on how to address them, making it easier to achieve and maintain certification standards.

Verified User in Information Technology and Services
Mid-Market (51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: G2 invite on behalf of seller
Incentivized Review
What do you like best about Cobalt?

I really liked that our needs were met completely. We had a meeting with the team before the project kicked off and we were able to set our expectations for everything we needed. Once the time came to execute the project, everything was done to our specifications and we were able to get all of the reporting done the way we wanted it. We were very happy with the experience.

What do you dislike about Cobalt?

I do not have anything negative to say about Cobalt or the experience we received. All of my interactions with the team were great, and the project was done exactly the way I wanted it to go.

What problems is Cobalt solving and how is that benefiting you?

We are constantly striving to ensure that we have the most secure application possible. As such we regularly move through multiple security penetration testers. We have used Cobalt in the past and we were able to come back to them because of their performance. We have had a couple of bad experiences and so when we have a good one we like to hold onto them so we can keep utilizing their services.