
How Algolia matures its security posture with Cobalt

Adam Surak, Director of Infrastructure at Algolia

Algolia was looking for a pentest partner that wouldn't slow down development.

With a mission to help companies create delightful Search & Discovery experiences, Algolia enables developers and product teams to build consumer-grade search with its hosted search API. Trust between the company and its customers is key, and so is the desire to protect personal data and demonstrate its security commitment to customers. Cobalt's Pentest as a Service platform was exactly what Algolia needed for modern security testing made easy.


Challenges

Algolia recognizes that its customers place a great deal of trust in the company when they provide data for the search API. This led Algolia to look for a way to modernize and expand its penetration testing program, and that's when the company found and began using Cobalt's Pentest as a Service platform. Pentesting both reduced vulnerabilities and provided tangible evidence of Algolia's security posture to customers.

Slowed Processes

Algolia was looking for a pentesting approach that would strengthen security without slowing down the software development process.

Unclear Findings

Algolia wanted modern pentesting without burdensome test initiation and confusing findings reports.

Testing Support

Reducing the testing support strain on the internal security team and product engineers without sacrificing test quality was a top priority for Algolia.

Results

Transparent Pentesting

Algolia's commitment to protecting customer data led the company to find a robust, effective, and transparent security program with Cobalt.

Seamless Communication

Cobalt's transparency and consistent communication throughout the pentesting process provided Algolia's engineers with peace of mind.

Reporting Capabilities

Cobalt gave Algolia the ability to simply create different reports with varying levels of detail for different audiences.

Algolia was frustrated hearing from other consultancies that the test was the best they could do despite its flaws — there was no feedback loop about whether or not the test met their needs.

By contrast, Cobalt provides an innovative model with Pentest as a Service, completely supported by a platform that manages and captures the full find-to-fix workflow. Transparency with Cobalt created a feedback loop that was nonexistent with traditional pentesting.

"With traditional pentesting firms, there is no platform. You send an email with the description of the service, and you get a PDF back. The 'in-between' stays the magic for the consultancy. Cobalt is different - there is transparency throughout the entire process."
ADAM SURAK, DIRECTOR OF INFRASTRUCTURE AT ALGOLIA

"Cobalt's model ensures we do not have to start from scratch every time a new test is needed, without having to worry that the pentesters have grown biased as they become more knowledgeable about the system. Avoiding bias is important because it sometimes leads to missed findings through things like skimming parts of the application that they have seen before where nothing has been previously found."

ADAM SURAK, DIRECTOR OF INFRASTRUCTURE AT ALGOLIA