112 Cobalt Reviews
Cobalt offers Pentest as a service (PTaaS). When we started working on it, our goal was to strengthen our application security by incorporating on-demand pentesting services. The platform allows us to deploy faster pentests, and real-time collaboration with security experts. We use Cobalt's service every quarter. We have also integrated our CI/CD pipeline with Cobalt’s PTaaS model. The platform is also user-friendly to manage vulnerability findings seamlessly. Platform support is exceptional as usual. Review collected by and hosted on G2.com.
Cobalt is a little more expensive than other traditional penetration testing. For small organizations, it is on the higher side. Review collected by and hosted on G2.com.
It's really easy to set up a pentest. We use Cobalt a couple of times a year, so we can use predefined templates for the same products. Almost every time we create a new request, there are new features. Anytime we have a question or request, our CSM is there for us.
Our Platform Teams take advantage of Jira Integration to manage findings. The Slack channel is also a nice touch - it makes communication much easier. Review collected by and hosted on G2.com.
Sometimes it's hard to understand how credits work. Review collected by and hosted on G2.com.
It is very easy to set up and conduct a pen test.
Once your pen test is completed you have immediate access to multiple different reports to provide to your customers and internal stakeholders (attestation letter, full report, executive report, etc).
Customer support is very fast to respond if there are any issues. Review collected by and hosted on G2.com.
It would be nice if they would not have an upcharge to integrate with work item tracking (ADO etc). Review collected by and hosted on G2.com.
Cobalt identifies vulnerabilities in our website that could be exploited by hackers. They provide recommendations for fixing the issues, and after the fixes are implemented, they review and offer feedback on the resolution. They offer good customer support and ease in understanding the issues. Review collected by and hosted on G2.com.
They do pentesting for 8-10 days, and if the site fails within that timeframe, the time left for testing will be less. Review collected by and hosted on G2.com.
One of the things I like best about Cobalt is the ease of the entire process, from setting the scope and access to the way the findings are reported in their portal, and with Jira directly integrated, creating and closing issues make everything smooth. Review collected by and hosted on G2.com.
Honestly I do not have any constructive feedback at this time. Review collected by and hosted on G2.com.
Very easy to get into the platform and be iterative. You can do one test and quickly move on to another without having to go through the process of another engagement. The customizable reporting and integrations come in handy. Well-defined interface; can get expensive if you do a lot of testing but don't need a dedicated individual. Review collected by and hosted on G2.com.
The initial login is a little confusing. It could use a little more hand holding, especially if you have already registered and forgotten.
Feedback cycles vary depending on the individual working on your engagement. Review collected by and hosted on G2.com.
The pen-test experience with Cobalt works just great for us. The main pros I enjoy when working with them are the following:
- Ease of setup. In your Cobalt account, you set up your app details, which have to be tested. Even if you're new to all this stuff, the form contains enough instructions to guide you through the whole process. If that information is not enough, you get in-person support, which will help you through the process.
- Quick start and turnaround. As soon as you decide to launch your test, it only takes Cobalt 48 hours to find test engineers according to your requirements. Or you can easily plan for many months. All will start on time.
- Real-time reporting. You don't need to wait two weeks for the test to be fully finished to learn about the findings. Once a vulnerability is identified, its details are added to your Cobalt account. If you're using Jira for project management, you can also set up an integration, which will create a Jira issue with all the vulnerability details. Your developer can jump straight on it and fix the problem without switching to any other account. Additionally, all vulnerabilities found come with remediation instructions.
- Ongoing communication. You get a Slack channel organized with the testers who report to you daily, who you can ask questions and get explanations. We asked to assign us the testers who can communicate during our timezone for better collaboration.
We've been using Cobalt for almost three years now and are fully satisfied with the whole experience. Review collected by and hosted on G2.com.
There is nothing to note; the experience with Cobalt makes the pen-test process easy and reliable. Review collected by and hosted on G2.com.
The talent and professionalism and customer service are second to none. We use Cobalt to establish a baseline with respect to vulnerability findings and security targets. Also, the tests are very agile, a big plus. Review collected by and hosted on G2.com.
No real downside. Seriously no issues with the product. Review collected by and hosted on G2.com.
Adversary Simulation and Red Teaming. Cobalt Strike isn’t your run-of-the-mill penetration testing tool. It goes beyond finding unpatched vulnerabilities and misconfigurations. Instead, it simulates the tactics and techniques of an advanced adversary within a network. Imagine slipping into the shoes of a stealthy, long-term infiltrator—someone who’s quietly embedded themselves in the digital shadows. Review collected by and hosted on G2.com.
Nothing ... I think Cobalt is an awesome tool... Review collected by and hosted on G2.com.
The account management and customer success team at Cobalt is outstanding. Any issues that arose were handled quickly and resolved to my satisfaction. Review collected by and hosted on G2.com.
The quality and expertise of security testing engineers can vary widely. You may get a testing report with fantastic detail and accurate findings but other results may show a lack of understanding and detail. Review collected by and hosted on G2.com.