Pentest Types
You can launch the following pentests on the Cobalt platform:
- PtaaS pentests with Cobalt pentesters. This includes Agile and Comprehensive pentests.
- In-House pentests with your team, without involving Cobalt pentesters. Learn more about the Pentest Management Platform.
To run a special pentest engagement, contact our Cybersecurity Services team. Learn more about Specialized Pentests.
Cobalt pentesters perform Agile and Comprehensive Pentests. Refer to the table below to learn the difference between them.
| Agile Pentest | Comprehensive Pentest | |
|---|---|---|
| Definition | An Agile Pentest performed by Cobalt pentesters focuses on code changes or a specific area of an asset and comes with an Automated Report intended for internal use | A Comprehensive Pentest is performed by Cobalt pentesters for security audit, compliance audit, or customer attestation and includes comprehensive reports intended for external stakeholders |
| Pentest Scope | Specific part of an asset | Broad area of an asset |
| Use Cases | ||
| Standard pentest timelines | 14 days | |
| Available Pentest Reports | ||
| Report Target Audience | Internal stakeholders | External stakeholders |
| Leading Cobalt Pentester | Coordinator | Lead |
You can change the type of your pentest before we move it to the Planned state. Select Edit on the pentest brief, and then select the Pentest Type.
Pentests requiring more than 20 credits don’t get immediate credit confirmation. We’ll specify the number of required credits after reviewing the pentest.
Next Steps
Refer to the Getting Started guide to set up a pentest in several stages.
To launch an In-House Pentest with your team, see Run an In-House Pentest (For Managers).
Once the pentest is complete, you can download a pentest report to explore security issues that our pentesters found.