The challenge
As a leading online gaming provider, Sportingtech’s security team knew that maintaining a pentesting program was essential to protecting their platform and their users. However, their existing approach to security testing was creating significant internal strain. Prior to adopting a formal pentesting solution, Sportingtech struggled to balance essential security validation with daily operational demands. The team relied on internal and often ad hoc security assessments. This self-service approach was time consuming, requiring security engineers to spend valuable time away from key projects to hunt down issues, with limited tools and expertise.
To enhance their security posture and provide the highest level of confidence in their platform, Sportingtech needed a reliable, continuous, and expert external service that could efficiently perform pentests and integrate smoothly into their existing development lifecycle—all without incurring heavy internal overhead.
The solution
Sportingtech sought a solution that delivered security validation, operational efficiencies, and a seamless workflow—ultimately choosing Cobalt as their pentesting partner. A deciding factor was the Cobalt Core pentesters. As Senior Information Security Engineer Stephen Gili noted: ”The caliber and diverse expertise of [the Cobalt Core] pentesters was a major factor in our decision.”
The Cobalt Offensive Security Platform immediately addressed Sportingtech's workflow challenges, extending their security bandwidth. Integration with Jira created the most compelling opportunity for time saving efficiency. Since Sportingtech heavily utilized Jira for development, this integration instantly automated the process for assigning findings to developers to be remediated. Head of Information Security Clyde Bugeja stated: "The seamless Jira integration helped us escalate findings to our internal teams, allowing us to fix the vulnerability as it was uncovered."
In addition to this workflow automation, Cobalt provided centralized, detailed reporting and unlimited retesting. Post-fix retesting meant every issue was closed, thus eliminating the risk of undetected critical vulnerabilities.
The results
The immediate impact of partnering with Cobalt was an increase in Sportingtech’s remediation rate, with the team fixing over 75% of all findings. This high fix rate demonstrated the effectiveness of the workflow between Cobalt and Sportingtech’s development teams, significantly improving the company's overall security posture.
Beyond the fix rate, Cobalt provided the validation and expertise Sportingtech needed to establish confidence in their platform. Clyde exclaimed: "Cobalt has truly become an extension of Sportingtech. They ensure we are detecting all the critical vulnerabilities on our platform."
The partnership also elevated security awareness of Sportingtech’s development teams, leading to more critical vulnerabilities being caught early on in the development process. Stephen explained: "The feedback increased our internal security awareness, specifically in detecting critical vulnerabilities we may have otherwise overlooked. This is arguably one of the most valuable returns on investment."
Another result was time recaptured. By relying on Cobalt for their pentesting, Sportingtech eliminated taxing, manual work, freeing their security team to shift their focus to other strategic security initiatives. Cobalt ultimately provided Sportingtech with a modern, proactive method for managing their pentesting program, ensuring their gaming platform remains secure—empowering their team to focus on innovation.
