Cobalt

Cobalt is a cybersecurity company that operates in the Pentest as a Service (PtaaS) space, combining a SaaS platform with a vetted community of penetration testers. The company was founded on the premise that traditional penetration testing methods could be improved through technology and a curated network of security experts. Cobalt's platform delivers offensive security services to over 1,500 customers. Its core offerings include penetration testing across web applications, cloud infrastructure, APIs, and network environments. Additional services include Digital Risk Assessments, which identify publicly available information about an organization, and Secure Code Reviews, which evaluate the security of software development processes. The company targets organizations seeking to meet compliance requirements through comprehensive security testing, as well as those looking to proactively identify and remediate vulnerabilities. Cobalt's approach integrates human expertise with a technology platform to facilitate real-time reporting, remediation tracking, and collaboration between development, security, and operations teams. Cobalt has particular expertise in SaaS security testing, addressing cloud-specific vulnerabilities such as container misconfigurations, IAM weaknesses, API exposures, and multi-tenancy risks. Its methodology follows a structured process: scoping, reconnaissance, access attempts, exploitation, findings analysis, and remediation recommendations. The company is fully remote, with Scandinavian roots and operations based in the United States. It has received recognition from G2, Cybersecurity Breakthrough Awards, and Fortress Cyber Security Awards, among others.