Asset Types
Learn about the asset types we support.
For pentests, an asset is a software component of value, such as a web application or API.
We can perform pentests on assets in the following categories:
| Asset Type | Description | |
|---|---|---|
| Standard Assets | Web | An online application (app). Includes APIs that supply data to the (Web) app. |
| Mobile | Any application intended for mobile phones or tablets. | |
| API | API is an Application Programming Interface. Use for APIs independent of a Web app. | |
| External Network | Any network that’s directly exposed to the internet. | |
| Internal Network | Any network with either a limited or no interface to the internet. | |
| Cloud Config | For systems on “the Cloud,” using services such as Amazon AWS, Microsoft Azure, or Google GCP. | |
| Desktop | A desktop or thick client application (app). | |
| Combined assets | Web + API | A system that combines a Web and API asset. If the only APIs you use supply information to your web app, select the Web asset type. We test those APIs as part of web-only tests. |
| Web + API + External Network | A system that combines a Web, API, and External Network asset. | |
| Web + External Network | A system that combines a Web and External Network asset. | |
| Web + Mobile | A system that combines a Web and Mobile asset. | |
| Web + Mobile + API | A system that combines Web, Mobile, and API assets. | |
| Mobile + API | A system that combines Mobile and API assets. | |
| Internal + External Network | A combination of Internal and External Networks. |
Additional Asset Types
We support additional asset types for advanced engagements conducted by the Cobalt Cybersecurity Services team: IoT, Physical, Wireless Network, and more. Learn more about Cybersecurity Services.Last modified October.22.2024