Preparation

Identify the steps to complete before your pentest.

Our Preparation page details the steps you need to complete before the pentest, otherwise your start date could be impacted.

1. Ensure testers have access

  1. Are the credentials valid?
  2. Do you need to set up any access requirements?

2. Add our IPs to your allowlist

Our pentesters send requests from one or more IP addresses on a Virtual Private Network. Share this pentest with your network administrator. They may need to know the IP addresses that we use:

  • 188.226.141.7
  • 209.222.30.28
  • 185.70.198.155
  • 5.22.219.47
  • 64.226.132.108
  • 96.126.102.182
  • 64.226.133.130
  • 216.238.76.199
  • 216.238.106.73
  • 212.59.68.70
  • 192.46.213.72
  • 139.84.156.110
  • 172.104.52.94
  • 67.219.111.23
  • 139.84.232.86

3. Confirm the team availability

The Point of Contact assigned is expected to collaborate with our Cobalt staff and pentesters to ensure we have enough information to start the pentest.

Last modified October 10, 2025