Case Study

How an asset management software company accelerated remediation by 70% with Cobalt


The Challenge

As a SaaS provider managing over 60 million joint-use assets for electric utilities and broadband providers, the company operates in an environment where data integrity and availability are non-negotiable. While pentesting has been a part of the company’s security assessments for years, the security team grew increasingly dissatisfied with the operational friction caused by traditional pentesting engagements.

The Architect and Security Officer says: “The problem with traditional pentest solutions is that they feel like a black box, where work gets thrown over the wall, and you don’t hear anything until it’s done. We were looking for something much more interactive.”

Because their previous pentesting provider waited until the end of a pentest engagement to share findings, their security team lost valuable time in remediation, creating inefficiencies in their workflow. The company began looking for a partner that could offer pentesting on demand, for a more agile program.

 

The Solution

The company partnered with Cobalt to transform their security testing from an ad hoc, transactional model to a dynamic pentesting program. The Cobalt Offensive Security Platform immediately eliminated the “black box” frustration by providing a transparent dashboard and direct communication with pentesters. This shift allowed the security team to view progress in real time and initiate tests on demand, removing administrative bottlenecks that were slowing the team down.

The quality of the collaboration was a major differentiator. The Architect and Security Officer says that the feedback from pentesters wasn’t just a list of errors, but a collaborative roadmap. “The pentesters didn’t just find a problem; they explained how to reproduce it and provided suggested fixes,” he explains.

These insights empowered the Architect and Security Officer to hand actionable instructions directly to his developers, even those without any security expertise, enabling them to reproduce and resolve issues independently. This new workflow transformed security from a gatekeeper function into a seamless part of the development lifecycle.

 

The Results

The partnership with Cobalt resulted in immediate operational improvements. By leveraging real-time feedback loops with pentesters, the security team started to deploy fixes right away, rather than waiting for finalized reports.

“We’ve seen a 70% decrease in remediation time—a significant productivity gain for us,” the Architect and Security Officer says. This speed was instrumental in helping the company achieve SOC 2 Type 2 compliance, an important milestone for their enterprise clients.

Beyond speed, the partnership also yielded financial value. The flexible, credit-based Cobalt billing model gave them precise control over their security budget, allowing them to scale testing resources up or down based on business needs.

Looking forward, they plan to deepen this integration by expanding into DAST and red teaming. By partnering with Cobalt, the company has turned security testing into a strategic advantage.

 
