

Thoughts, perspectives, and industry commentary from the Cobalt team.

Gartner Names Cobalt in Report on DevSecOps Tools for Secure Software Delivery

Gartner's recent report “How to Select DevSecOps Tools for Secure Software Delivery” gives a bird's-eye view of the technology landscape, emphasizing the benefits of integrating developer-friendly tools into DevOps pipelines. In a section of the report titled “Preproduction and Release Phases,” Gartner name-drops Cobalt as a representative penetration testing vendor.
Mar 15, 2023
Est Read Time: 2 min

Active Directory Series: Active Directory Fundamentals

Active Directory is a Microsoft service that provides centralized management of user accounts, devices, and access to resources in a networked environment. It allows IT professionals to create and manage users, groups, computers, and other resources on a network, and control access to those resources based on policies and permissions.
Mar 13, 2023
Est Read Time: 12 min

Cobalt Release Blog: February 2023

Read about the improvements we launched to our PtaaS Platform last month: new integrations, asset vulnerability updates, and more.
Mar 10, 2023
Est Read Time: 1 min

Compromise Assessment: A Comprehensive Guide

The blog explains the importance of compromise assessments as a crucial step in detecting and responding to security threats in an organization. It highlights the key objectives of conducting a compromise assessment and provides a step-by-step guide from data collection to analysis and reporting. The blog emphasizes the need for ongoing assessments to stay ahead of potential attacks and maintain the security of the organization's assets.
Mar 6, 2023
Est Read Time: 13 min

The Life of a Bug

With this post I'll present a way to better understand bugs, from their origin until their death. I’ll do this by introducing the idea of a security bug pipeline and Fix-to-Fix framework.
Mar 3, 2023
Est Read Time: 5 min

Decoding the Differences: Black, Gray, and White-Box Pentests

Different types of pentesting methods are designated by color, each with key differences.
Mar 1, 2023
Est Read Time: 6 min

Security Touchpoints in the Big Data Lifecycle

More and more teams want to access the sensitive data you're managing? Here's a guide on how to keep it secure while enabling the business to innovate.
Feb 28, 2023
Est Read Time: 9 min

Pentester’s Guide to XPATH Injection

XPath is a powerful language used to query and manipulate XML documents. It allows you to extract data, transform XML documents, query large datasets, and modify the structure and content of XML documents. XPath injection attacks occur when an attacker manipulates XPath statements to gain unauthorized access to sensitive data.
Feb 27, 2023
Est Read Time: 6 min

Back to Basics: How to Build Resilient Blue Teams

A comprehensive guide on how security teams can keep up with organizational change.
Feb 24, 2023
Est Read Time: 11 min