Pentest Process
Learn about the pentest lifecycle.
Explore the stages of the Cobalt Pentest as a Service (PtaaS) program.
| Stage | Description |
---|
1 | Discover | Prepare for the pentest engagement.- Map the attack surface of your software.
- Create an account on the Cobalt platform following our invitation. Our CSM team will get in touch with you.
|
2 | Plan | Plan, scope, and schedule your pentest.- See our Getting Started guide to learn how to launch a pentest. If you need help, contact us.
- Prepare the environment for our pentesters, such as set up test credentials for them. Note: Your organization is responsible for deleting/disabling or rotating any credentials issued during this test once the testing process is complete.
- Alert the stakeholders in your organization about the upcoming pentest.
- Once you’ve submitted the pentest, we’ll assign pentesters based on your technology stack.
|
3 | Test | Pentesters test your asset using various pentest methodologies and techniques. |
4 | Remediate | The testing process is complete. Remediate findings that pentesters discovered. |
5 | Report | Download the pentest report to view a summary of vulnerabilities in your software. Share the report with stakeholders.- The report will be available 2 to 3 business days after the pentest is complete.
- The content of the report differs depending on the report type.
|
6 | Analyze | Once the pentest is complete, analyze the security posture of your asset.- Deep dive into the pentest report to assess discovered vulnerabilities with your development and security teams.
- Take the required remediation actions.
- Identify what you expect from your next pentest for this asset.
|
Last modified December 18, 2024