What kind of asset do you have?
Define Your Assets
You can launch multiple pentests for an asset. Once you’ve set up an asset, you can reuse it in your next pentests.
Create an Asset
Once you’ve signed in, you land on the Assets page.
- To add a single asset, select New Asset. Specify asset details.
- To upload assets in bulk in CSV or XLSX format, select Bulk Assets. Once uploaded, you can select an asset to add an image, technology stack, and attachments.
- If the upload is successful, all your assets from the file are added. Otherwise, no assets are created. Our algorithm doesn’t process the request partially.
- We don’t prevent you from creating duplicate assets.
Best practices for creating an asset:
- Describe your asset as clearly as possible.
- Add a product walk-through and asset documentation using the provided templates.
- Keep your assets up to date.
- Start creating or editing your asset before creating a pentest. You can reuse the asset for future pentests.
- Use tags to map your assets to external systems.
The Asset screen prompts you for the following information:
- Asset Title: Set up a descriptive name to attract attention from the best pentesters.
- Asset Image: Use it to help identify what you need from a list of assets.
- Asset Type: Select one of the options described in the linked page.
- Technology Stack (for Web, Mobile, API, and combined asset types): Add a technology stack for your asset. You can preview potential vulnerabilities based on the Common Vulnerabilities and Exposures (CVE) standard for this stack.
- Asset Description: Add information that can help your pentesters fully analyze your asset.
- Attachments: Upload documentation, architecture diagrams, images, spreadsheets, or videos related to your asset.
- Tags: An asset tag is customer-defined metadata associated with a Cobalt asset. Learn how to use asset tags.
An asset tag is customer-defined metadata associated with a Cobalt asset. You can add multiple tags to an asset. Use tags to:
- Map your assets to external systems, such as your vulnerability management application or task tracking software. Add the asset identifier in your third-party system as a tag.
- Associate other metadata such as vulnerabilities in external systems with Cobalt assets.
- Assign internal teams or business units to manage specific assets in Cobalt.
- Assign a compliance audit type the asset is subject to, such as
You can also add asset tags using the Cobalt API. Learn more in our API documentation.
Better descriptions help our pentesters test your assets properly.
Last modified September.09.2023