Learn about the asset types we support.
For pentests, an asset is a software component of value, such as a web application or API.
We can perform pentests on assets in the following categories:
|Standard Assets||Web||An online application (app). Includes APIs that supply data to the (Web) app.|
|Mobile||Any application intended for mobile phones or tablets.|
|API||API is an Application Programming Interface. Use for APIs independent of a Web app.|
|External Network||Any network that’s directly exposed to the internet.|
|Internal Network||Any network with either a limited or no interface to the internet.|
|Cloud Config||For systems on “the Cloud,” using services such as Amazon AWS, Microsoft Azure, or Google GCP.|
|Combined assets||Web + API||A system that combines a Web and API asset. If the only APIs you use supply information to your web app, select the Web asset type. We test those APIs as part of web-only tests.|
|Web + API + External Network||A system that combines a Web, API, and External Network asset.|
|Web + External Network||A system that combines a Web and External Network asset.|
|Web + Mobile||A system that combines a Web and Mobile asset.|
Additional Asset TypesWe support additional asset types for advanced engagements conducted by the Cobalt Cybersecurity Services team: IoT, Physical, Thick Client, Wireless Network, and more. Learn more about Cybersecurity Services.
Last modified November.11.2023