PUBLIC API - As a Cobalt user, you can now access pentest data through our newly released RESTful API (as well as the UI). To use the API, you'll need a personal API token. You can use the output to build custom dashboards, and integrate pentest program data with the tools of your choice. You can now visualize risks holistically with other sources of data. With our API (currently read-only), you now have access to Orgs, Assets, Pentests, Findings, and Events. You can learn more about our API at docs.cobalt.io.
TEST CREDENTIALS- When planning a pentest, users frequently set up test accounts and additional information for their assigned pentester(s). Users can now request access to pentester emails. The UI now includes more detailed guidance on what information your pentesters may need. You will now receive an email once the pentest is staffed, to allow you to provide additional guidance before the pentester starts work.
ORG - The "People" page (in the sidebar) now includes an info tooltip with provides more detail about our user roles and permissions.
PENTEST WIZARD - The pentest wizard now auto-saves changes when navigating between steps in the progress bar. All icons in the pentest wizard header (Edit Pentest Title, Manage Collaborators, Delete Pentest) now have tooltips to help you plan and submit a pentest for review.
ASSET - We have updated labels for fields used to create and edit an asset. We have also added tooltips, including one which defines an asset. We have added tooltip guidance to help you provide a more complete information for Asset Description and Asset Documentation. We now support longer asset titles of up to 50 characters.
PENTEST - As a Cobalt user, you will now see a consistent title card when navigating between different pages of a pentest. This should minimize confusion on the pentest in question.
ACCESSIBILITY - We now support full keyboard navigation.