DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).
DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).

Cobalt Pentest Pricing

Modern Pentesting for All
Cobalt offers a flexible, on-demand consumption model to meet the modern pentesting needs of all security and development teams. Receive a full compliance test in two weeks by the leading PtaaS authority for as little as $8,500 with Starter Packs. Explore Cobalt’s offerings below to determine the right package for your testing goals.
Standard

For teams in need of a speedy,
annual pentest to meet
a compliance need
or client request.

Includes:
  • Pentest Start Time Within 3 Business Days
  • Self-Service Platform with Google OAUTH 2.0 & 2FA
  • SAML-Based SSO
  • Best Practice Methodology + Pentest Coverage Checklist
  • Detailed Findings with Recommended Fixes
  • Real-time Collaboration with Pentesters via Slack and Platform
  • Cobalt API
  • Free Retesting
Premium

For teams looking to build
a structured pentest program
to meet compliance needs and
improve overall security.

Includes Everything in Standard, Plus:
  • Pentest Start Time Within 2 Business Days
  • Named Customer Success Manager (CSM)
  • Native Integrations (Jira, GitHub)
  • Customizable Reports
  • Onboarding for Teams
  • Annual Strategic Planning
Enterprise

For teams looking to scale their pentest programs to meet compliance needs, increase testing frequency, and improve overall security.

Includes Everything in Premium, Plus:
  • Pentest Start Time Within 1 Business Day
  • Quarterly Strategic Planning
  • Quarterly Maturity Assessments
  • Custom Pentester Requests (Geo, Time Zone, Testing Windows)
  • Up to 10% Annual Credit Rollover

Compare What's Offered in Each Tier

Self-Service Platform with
google oauth 2.0 & 2fa

saml-based sso
best practice methodology +
coverage checklist
detailed findings
with recommended fixes
real-time collaboration via slack and the platform
cobalt api
start pentest within
free retesting
customer success team
native integrations (jira, github)
customizable reports
onboarding
strategic planning
quarterly maturity assessment

Custom Pentester Requests (Geo, Time Zone, Testing Windows)

credit rollover

Standard

3 Business Days
6 Months

Pool

Premium

2 Business Days
12 Months

Named CSM

Security + 1 Dev Team

Annual

Enterprise

1 Business Day
12 Months

Named CSM

All Teams

Quarterly

Up to 10%

Download the Cobalt Packaging Brief

Read about Cobalt's flexible, on-demand consumption model to meet your modern pentesting needs.

Cobalt Credits Provide a Flexible Consumption Model

A Cobalt Credit is a standardized unit of work that represents 8 pentesting hours. Credits provide flexibility in both planning and executing pentests. They are sold in annual packages that include asset scoping, retesting, unlimited platform access, and more.

You can think of a Cobalt Credit as a virtual voucher that you consume whenever a manual pentesting need arises, meaning you can get a pentest up and running within days, compared to weeks with traditional services. Instead of being tied to a traditional ‘all in scope’ assessment, you can tailor and distribute the amount of work based on the complexity of your asset(s).
Cobalt-Pricing-Cobalt logo graphic

Frequently Asked Questions

Ready to Get Started?