WHITE PAPER
Secure the agentic shift and bridge the AI readiness gap with the Responsible AI Imperative white paper
Download Now
WHITE PAPER
Secure the agentic shift and bridge the AI readiness gap with the Responsible AI Imperative white paper
Download Now

Blogs

Thoughts, perspectives, and industry commentary from the Cobalt team.

API Security Best Practices

February 3, 2023
Est Read Time: 4 min
As the devices providing Internet access increase daily, the traditional Monolith architecture has been replaced by the Microservice architecture due to the advantages such as scalability, faster deployment, ease of management, and many more. Core Pentester Orhan Yildirim shares his best practices for API Security.
Read more
API Pentesting Vulnerabilities

Cybersecurity Certifications, how much do they really matter?

February 1, 2023
Est Read Time: 5 min
Cybersecurity certifications can benefit individuals with 1-4 years of experience when looking for new job opportunities. Certifications alone don't necessarily make someone a good pentester and should be considered in conjunction with professional experience.
Read more
Cobalt Core
Pentester Insights: Deep Dive in Web Cache Poisoning Attacks

Hacking Web Cache - Deep Dive in Web Cache Poisoning Attacks

January 31, 2023
Est Read Time: 9 min
Web cache poisoning is an attack where an attacker takes advantage of flaws in the caching mechanism. They attempt to store an altered and malicious response in the cache entry, forcing the website to serve malicious information to its users.  Core Pentester Harsh Bothra deep dives into these attacks and remediations.
Read more
Cobalt Core Web Application Pentesting Vulnerabilities
Cobalt Year in Review

Cobalt Achieved Record Pentests in 2022, Expanded PtaaS Adoption

January 26, 2023
Est Read Time: 5 min
Notable industry recognition from analysts and high-value awards proves Cobalt is the leader in PtaaS, and sparks the hiring of Chief Sales Officer Jerri Allan
Read more
NEWS

Man-In-The-Middle Attacks: How to Detect and Prevent

January 24, 2023
Est Read Time: 5 min
This article covers the steps cybercriminals commonly take to execute different MITM attacks, and how security teams can detect and prevent them.
Read more
Cybersecurity Insights

OAuth Vulnerabilites Pt. 1

January 23, 2023
Est Read Time: 10 min
Welcome to part one of OAuth Vulnerabilities. Core Pentester Shubham Chaskar overviews Oauth, commonly used grant types, entities, misconfiguration, and more.
Read more
Vulnerabilities

Then & Now: Harsh Bothra

January 19, 2023
Est Read Time: 3 min
Core Pentester Harsh Bothra joined Cobalt a little over two years ago. Since then, he has become a Pentest Lead and worked on endless engagements. He takes this time to reflect on how things have changed since his first test.
Read more
Cobalt Core

A Dive into Client-Side Desync Attacks

January 16, 2023
Est Read Time: 7 min
A client-side desync, a.k.a CSD, is an attack in which the victim's web browser is tricked into desynchronizing its connection to the vulnerable website. Core Pentester Harsh Bothra takes a look at how attackers can find these vulnerabilities in the wild.
Read more
Cobalt Core Vulnerabilities

2023 Cobalt Partnerships: Expanding to MSP & MSSP Partners

January 12, 2023
Est Read Time: 2 min
When companies work together to provide better solutions for their clients, everyone wins.
Read more
Modernizing Pentesting Partners
    34 35 36 37 38
    RSS

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.
    Cobalt_homepage_cta_image@2x-1