Cobalt Core is a community of vetted penetration testing professionals operated by Cobalt. The community consists of freelance security experts who are sourced, assessed, and continuously evaluated through a multi-stage vetting process before being made available to conduct penetration tests for client organizations. Pentesters in the Cobalt Core average 11 years of experience and hold industry certifications including CISSP, OSCP, OSWE, OSCE, OSWP, CREST, CRTO, CRTM, CEH, and others. Testing coverage spans web applications, APIs, cloud environments, and LLM systems. The vetting process consists of four stages: 1. Sourcing and initial review of candidates based on tenure, skill, and expertise 2. Rigorous online technical skills assessments 3. In-depth interviews evaluating technical capabilities and professional fit 4. Third-party background checks, tax documentation, NDA and Terms of Engagement signing Ongoing quality assurance includes all testing conducted over a secure VPN, peer reviews by leads and specialists, and continuous performance evaluations of pentesters. Clients interact with pentesters in real time via collaboration tools including ChatOps platforms, enabling direct communication about findings and remediation guidance. The Core conducts over 5,000 pentests annually and has identified over 10,000 critical vulnerabilities. Findings are delivered as prioritized, actionable reports.