Cybersecurity Services

Run engagements with the Cobalt Cybersecurity Services team.

Cybersecurity Services provides security testing solutions beyond Pentesting as a Service. Our focus on process execution allows for faster engagements with a centralized view into the health of security programs and a clear path for elevated security posture.

Engagements

The Cobalt Cybersecurity Services team can run the following engagements:

  • Digital risk assessment*
  • IoT ecosystem pentest
  • Secure code review*
  • Vulnerability validation
  • Goal-based pentest
  • Threat modeling
  • Red teaming
  • Wireless network pentest
  • Physical social engineering
  • Electronic social engineering
  • Security hardening

*Indicates engagements available to use on Cobalt. Other engagement types will be handled by request on the Catalog page or contact us.

Process

Lifecycle of the Cobalt pentest program

Here are the stages of a Cybersecurity Services engagement:

Stage Description
1 Discover You define what you need to test. Create an engagement brief, or make a request on the Catalog page.
2 Plan During this stage, we will determine the scope, including the engagement type and methodology. Create a Statement of Work (if applicable) and set timelines.
3 Test The Cobalt Cybersecurity Services team tests your asset using the determined methodology.
  • We share vulnerabilities that we discover in real time, in a dedicated Slack channel.
  • At this stage, you can start remediating findings.
4 Remediate The testing process is complete. Remediate discovered findings.
  • We provide remediation guidance during testing.
  • Free retesting is depending upon the type of engagement.
5 Report We share a report once the engagement is complete. For engagements, the report sections may differ compared to standard pentests.
6 Analyze Once the engagement is complete, analyze the security posture of your asset.
  • Deep dive into the report to assess discovered vulnerabilities with your development and security teams.
  • Take the required remediation actions.

Asset Types

Cybersecurity Services supports additional asset types, beyond our standard pentest asset types. You may see these asset types in the Cobalt UI:

Asset Type Description
IoT An IoT ecosystem. As defined by NIST, an IoT device has at least one transducer (sensor or actuator) for interacting directly with the physical world and at least one network interface, such as Ethernet, Wi-Fi, or Bluetooth, for interfacing with the digital world.
Physical Offices, buildings, data centers, campuses, or any other physical space that requires access control due to the presence of sensitive information, equipment, or processes.
Wireless Network Wi-Fi networks consist of a wireless router or access point that broadcasts signals, allowing devices equipped with Wi-Fi capability (such as smartphones, laptops, tablets, and smart home devices) to connect wirelessly. Users can access the internet or communicate with other devices within the network range without needing physical cables.
Other Asset used in other engagements, such as phishing, red teaming, security hardening, and more.

How to Request Cybersecurity Services

To request a Cybersecurity Service, navigate to the Catalog page in Cobalt. Select Request on the service you are interested in.

Our CSM team will reach out to start the process at a time that suits you. We will ask you to fill out a scoping form which will speed up the process.


Digital Risk Assessment

Review details & methodology for Digital Risk Assessments.

Secure Code Review

Review details & methodology for a Secure Code Review.




Was this page helpful?

Create an Issue

Last modified July.07.2024