We at Cobalt are staunch advocates for embedding security into DevOps as a means to reduce risk and improve efficiency. At the same time, we fully recognize that it's a misleadingly simple concept which isn’t necessarily straightforward to put into practice.
“Shifting left” is often upheld as the cultural gold standard for software delivery. Yet collaboration challenges and low bandwidth / high workloads often hamstring these efforts.
Cobalt’s PtaaS approach is revolutionary for, among other things, helping to overcome common DevOps hurdles around pentesting. Speed is one of the core value propositions of PtaaS: it’s faster to set up, and quicker to produce results. Thanks to these qualities, Cobalt has a track record of making a real impact on the SDLC, and we’ve racked up industry recognition alongside rave customer reviews to underscore our standing as the #1 PtaaS company.
Analysts at GigaOm and Gartner have endorsed the PtaaS approach as well. Recently, Gartner published a report: “How to Select DevSecOps Tools for Secure Software Delivery.” The research gives a bird's-eye view of the technology landscape, emphasizing the benefits of integrating developer-friendly tools into DevOps pipelines.
In a section of the report entitled “Preproduction and Release Phases,” Gartner name-drops Cobalt as a representative penetration testing vendor.
This meaningful mention validates our own worldview. At Cobalt, we believe that the next evolution of PtaaS involves giving businesses greater flexibility through pentest offerings that allow security and development teams to identify and address security gaps faster, accelerate their build-to-release timeline, and align pentesting more closely to DevSecOps workflows.
The most recent edition of Cobalt’s annual State of Pentesting Report used survey data and findings from thousands of pentests to explore the challenges plaguing security and development teams today. Last year's edition focused heavily on how to combat macro trends like the Great Resignation, COVID-induced job stress, and a general undercurrent of professional malaise. Some noteworthy highlights include:
- 90% of respondents who have suffered shortages or lost team members are struggling with workload management.
- 96% of security teams see a slower response to patching critical vulnerabilities.
- 97% of developers struggle to meet critical launch deadlines.
- 80% of developers say collaboration challenges with the security team compromise the quality of their code.
For the upcoming 2023 edition – which we’ll publish in the next few weeks, leading up to RSA – we layered on the perspective of pentesters from the Cobalt Core, our global community of 400 skilled, vetted testers. These testimonials helped paint a deeper picture, revealing strategies for reaping maximum benefit from pentest engagements and wringing ROI from every stage of the pentest lifecycle. To stay in the loop on this and other upcoming announcements, make sure to follow Cobalt on LinkedIn.