Penetration Testing-as-a-Service Firm Cobalt Raises $5M in Funding
Cobalt.io, a penetration testing-as-a-service (PTaaS) platform provider, has raised $5 million in Series A funding from byFounders, eLab Ventures, DG Incubation and other investors. The company plans to use the Series A funding to expand globally and invest in its PTaaS platform, according to a prepared statement.
In addition, byFounders Managing Partner Eric Lagier has joined Cobalt’s board of directors, the company said. Robb Mann, who leads security assurance at Google, also has joined Cobalt as an advisor.
A Closer Look at the Cobalt Platform
Cobalt’s application security platform supports a find-to-fix workflow, the company noted. The platform delivers on-demand pen tests that are performed by a certified security researcher. After a Cobalt pen test is completed, the certified security researcher sends a summary document that details his or her findings. Each Cobalt pen test report contains vulnerability descriptions, screenshots and suggested fixes.
All Cobalt pen test reports are delivered via CobaltCentral, the company’s reporting application. Key features of CobaltCentral include:
- Integrated Messaging: Allows users to discuss vulnerabilities with Cobalt researchers.
- GitHub and JIRA Integrations: Enables users to add vulnerability insights directly to workflows.
- Visualization: Provides visualizations that highlight the number, severity and frequency of vulnerabilities.
The Cobalt platform is now available and is used by GoDaddy, Credit Karma and other globally recognized brands. Cobalt customers pay a fixed price to use the platform based on application size and testing frequency.
How Does the Cobalt Platform Differ from Standard Pen Testing Options?
The Cobalt platform leverages a global talent pool of certified security researchers, the company noted. A typical Cobalt pen test can be scheduled within 48 hours, the company pointed out. All pen test results can be directly integrated into an organization’s security bug tracking systems and development lifecycle, and Cobalt provides real-time communications with certified security researchers to accelerate pen testing.
Cobalt uses crowdsourced security to deliver SaaS-based pen testing. It has a global application security team that includes over 200 certified security researchers across 131 countries.
To date, Cobalt’s certified security researchers have helped organizations discover more than 20,000 security bugs, the company indicated. Cobalt also continues to explore growth opportunities.
Cobalt tripled its growth and added nearly 100 new customers in 2017, CEO Jacob Hansen said. The company also opened a sales, customer success and engineering office in Berlin earlier this year.