Pentest Process

Learn about the pentest lifecycle.

Explore the stages of the Cobalt Pentest as a Service (PtaaS) program.

Lifecycle of the Cobalt pentest program

StageDescription
1DiscoverPrepare for the pentest engagement.
  • Map the attack surface of your software.
  • Create an account on the Cobalt platform following our invitation. Our CSM team will get in touch with you.
2PlanPlan, scope, and schedule your pentest.
  • See our Getting Started guide to learn how to launch a pentest. If you need help, contact us.
  • Prepare the environment for our pentesters, such as set up test credentials for them. Note: Your organization is responsible for deleting/disabling or rotating any credentials issued during this test once the testing process is complete.
  • Alert the stakeholders in your organization about the upcoming pentest.
  • Once you’ve submitted the pentest, we’ll assign pentesters based on your technology stack.
3TestPentesters test your asset using various pentest methodologies and techniques.
4RemediateThe testing process is complete. Remediate findings that pentesters discovered.
5ReportDownload the pentest report to view a summary of vulnerabilities in your software. Share the report with stakeholders.
  • The report will be available 2 to 3 business days after the pentest is complete.
  • The content of the report differs depending on the report type.
6AnalyzeOnce the pentest is complete, analyze the security posture of your asset.
  • Deep dive into the pentest report to assess discovered vulnerabilities with your development and security teams.
  • Take the required remediation actions.
  • Identify what you expect from your next pentest for this asset.
Last modified December 18, 2024