As a leader in personal finance, Credit Karma found quality talent and a fresh perspective on data security with Cobalt.
As a multinational personal finance company, Credit Karma provides free credit card scores, reports, and financial tips and tools to customers across the globe. Credit Karma hopes to become the financial tool for every individual — in order to do so, the company leveraged Cobalt’s Pentest as a Service platform to be fully secure.
Challenges
Outdated Methods
Getting a fresh perspective was difficult, and things became jaded when Credit Karma was used to a certain environment and a certain application over time.
Ineffective Talent
With previous organizations before Cobalt, finding the right talent all the time became burdensome and ineffective.
Limited Visibility
Credit Karma was looking for a complete view into not only potential vulnerabilities, but also the step-by-step pentesting process.
Results
Seamless Communication
Cobalt seamlessly communicated to researchers throughout the pentesting process to spot any critical issues at hand.
Fresh Perspective
What Credit Karma needed was a third party to come in and give a fresh perspective, and that’s where Cobalt stepped in.
Total Visibility of Pentest Results
Cobalt’s dashboard provided a complete overview of the entire application and scope of the pentest.
A key aspect of Cobalt’s methodology that worked well for Credit Karma is the retest feature, where they have the ability to click the retest button and the researcher comes in, does the retest, and it’s complete without any wasted time.
Credit Karma agrees: It’s better to know about something before you go live rather than going live and then knowing about it. When a vulnerability was found, Cobalt pointed the engineering team directly to the issue so the team could go back to the drawing board.
