Manage your in-house pentests on the Cobalt platform.

Manage your in-house pentests on the Cobalt platform.


:::info
With the Pentest Management Platform (PMP), you can launch and manage your in-house pentests with Cobalt. Set up a pentest, invite your own pentesters, and analyze pentest results in one place - on the platform you already know.

You can run in-house pentests with pentesters of your choice: from your organization, a third-party company, or both. Cobalt pentesters are not involved in the testing process.

:::

## Introducing the Pentest Management Platform

 ![](https://brainfish-storage-prod.s3-accelerate.amazonaws.com/uploads/8e42b09c-e27b-4b5a-ba0c-7a5ef138ea38/6e38a9c1-7085-408e-88af-68351f23df57/Screenshot%202026-03-04%20at%2012.50.23%E2%80%AFPM.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=ASIAUPPN5IL33FOSVJDK%2F20260513%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20260513T074200Z&X-Amz-Expires=3000&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEHUaCXVzLWVhc3QtMiJIMEYCIQDCDXbH2SdoNuQahcOOWSCOx23PWKBtQXGjb%2B5Q1avYZAIhAPv9lsTqbs54%2BoXWSqSWiPz8GD3MhJI0072T8PK455yQKt0FCD4QAhoMMzA4MTI1OTc1Mjg3IgwHgaGSwA%2BMZdle4CIqugUBxyNEe1MUEHmIyFV98wamYsA7%2Bzi1qyubUMTlgTrFLJxWGIEzQNqof0UTv1jij%2B8e7aAu8nxr%2BJrLAnsKSWK5c52IjSgpeNmQwE6fYDqnI9vyltVSqkbWneXvm2sKdp4%2B%2B%2BSieuTDqdSwet0Cxxt1FuACFv6nuESgaGuwIBq4gbIFCMDtk8j4wQE65P5P5tgKd%2BqdGPh5NPvx20odlXPFvobRaEkn9VRs6s7IS879katCIDJ0nft2v2gTd%2BM5meMKNxZJDp7lHqsEq4QQ48yDLW4r2bgDY2P1p1StaJT0FATanPFDkuMnnct8BRI0pQs%2B2tujS3LQHAi5mLZistUYA64PhJ6a598qTSjVSZkJ6o5qNj%2FzeHzq2lvHgQ1l8f0H8Gq1OZAjZsXUuhsjdS5xHPh4bjkIe0W0qyfajQggHC39e3G0lH67ffK363cSESOMQjOKpkMaWA%2Fhgh6rfak81Q78CMBAGDZ7bjc3DmyXhuQZkB8xXWBTkbkez2yGmhItN1JSACbBqV2hL3KYYvRZGYN0NULi%2FvvHnqi4k%2FQsctAmD9tYAf9ePVNaM%2F5QZ3AotlF2J2DoUJU9DfD1suhMB5m4tpHRwRVrIQ1rN1MG%2BjnKR5VAPWLmA0piAaiLy55ahkAECCWtFyMSsSEN12QoR0hMCUXdhC5QlYxKEFfss75pYxpkRhTaW7xMuFcUdLDzr6GbpiaL0p0kMwfRvfxF%2BGHjk%2Bl4NJJipPUgZFcx74iFlUn0F1YsGUzpVVou5j4hFAUCRLN1AlFYpxabhtv75hV9RM6fPplJgN%2BvJrvzAF1z8Vivu4alEq40gfwSwYwmC41FPlXF6rj2JHP%2BlSmlP9k%2FcV8%2FInLq4mEUsH8mWkE%2BnzYzJvDX4gCzWpAEYDSfdpoj4ek3Ne9%2FIwRhtspDJcV2lPtN7HH7PzC6kpDQBjqPAYNDvJW52PaqDWGOupmbUHSbqsUbzHUkc4SY4p5olaKuvFVQusisUT83jUl4Ys%2BWJwk9u6S4bAy9RUECW2aiEloolKumfrJBFQcgSAgWYjMA7oadPFt77yLt7AFUTX0cNynahZioo6EUJyN2oUYbURU96I624DV%2FlA2bTrcDXkw4G0JpYqRJhpouEGTo0UZd&X-Amz-Signature=1b9cd5d4c1fa568f5b4cf8187987d0533296b426b5dda7bfadaffc6bd77aa090&X-Amz-SignedHeaders=host&response-content-disposition=attachment&x-amz-checksum-mode=ENABLED&x-id=GetObject)


Penetration testing is a critical component of an enterprise’s security program. Most often it’s accomplished through a combination of internal red team engagements and third-party testing. This joint approach forces security teams to juggle a myriad of data and tools, resulting in inconsistent processes and results. Before organizations look to scale their offensive security, they need to address these inefficiencies.

Enter Cobalt. We built our award-winning platform for pentesters, covering the entire lifecycle of a pentest from planning, launching, and collaborating on tests to writing reports, tracking vulnerabilities, and remediation efforts. We are now opening up our pentest management technology used by over 400 pentesters worldwide to customers with in-house testing teams.

The Cobalt Pentest Management Platform is designed to increase the efficiency and quality of your in-house pentests. This solution enables security teams to:

* **Visualize your end-to-end pentest program** in a single platform
* **Reduce administrative work** for faster turnaround times and remediation efforts
* **Integrate findings** into your SDLC using ticketing systems like Jira or the Cobalt API
* **Standardize reporting** with customizable and automated templates
* **Track program improvements** by leveraging ongoing test data and analytics

## What’s Your Role?

| **Pentest Manager** | **In-House Pentester** |
|:---|:---|
| I manage and collaborate on pentests for my organization. \n[Read the Guide>>](https://cobalt-io.brainfish.ai/en-us/articles/set-up-an-in-house-pentest-K9sgKIXq6Y) | I perform pentests for my organization. \n[Read the Guide>>](https://cobalt-io.brainfish.ai/en-us/articles/complete-an-in-house-pentest-for-pentesters-y7RCf5izE6) |




In House Pentests

Pentests

Overview

Asset Details

Pentest Details

Scope & Test Period

Preparation

Create a Pentest

Pentest Process

Pentest States

Coverage Checklist

Pentest Expectations

Complete an In-House Pentest (For Pentesters)

Set Up an In-House Pentest

Remediate Findings

Finding States

Severity Levels

Findings

Contents of a Pentest Report

Customize Your Report

Co-branded Reports

Reports

How to get started with Cobalt

Getting Started

Assets are what we pentest

Asset Types

Create an Asset

Risk Advisories

Assets

Engagements Overview

Digital Risk Assessment

Secure Code Review

Engagements

Insights

Planning

Cobalt Methodologies Overview

Web Methodologies

API Methodologies

External Network Methodologies

Internal Network Methodologies

Mobile Methodologies

Cloud Configuration Review Methodologies

Cloud Pentest Methodology

Desktop Methodologies

AI/LLM Methodologies

Digital Risk Assessment Methodology

Secure Code Review Methodologies

Methodologies

Attack Surface Monitoring (ASM)

Attack Surface

DAST Scanner Overview

Best Practices

Integrations

Partial Scans: Reduced Scope

Scans

Sequence recorder

Targets

Target Authentication

Extra Hosts

Blackout Period

DAST Scanner

Account Overview

Account Settings

Password Best Practices

Sign In to Cobalt

Troubleshoot Sign-in Issues

User Account

Collaboration Overview

Collaborate on Pentests

Groups

Manage Pentest Collaborators

User Roles and Permissions

Manage Notifications

Collaboration

Organization Overview

Manage Users

Your Cobalt Contract

Configure SAML SSO

How to Configure SAML 2.0 for Cobalt 

SAML Migration: Update Your Configuration

SCIM Provisioning Setup Guide

Configure Organization Settings

Organization

Cobalt PtaaS Tiers

Cobalt Credits

Track Your Credits

Credits

Cobalt Integrations Overview

Connect your applications

Create Azure DevOps Work Item for Findings

Create GitHub tickets for Findings

Create GitLab tickets for Findings

Send email notifications for Findings from Outlook

Send MS Teams notifications for Findings

Create Jira tickets for Findings

HTTP Connector

Import Assets from Google Sheets

Map Cobalt Pentest Finding Severity to Jira Issue Priority

Modify Jira Issue Summary to contain Pentest Title

How to Guides

Troubleshooting

Integration Builder

Jira Cloud Integration

Jira Data Center Integration

Push Cobalt Findings to Jira

Synchronize Cobalt Severity Levels with Jira

Switching to a New Jira Instance

Troubleshoot Your Jira Integration

Integrate Jira with Cobalt

Slack

Microsoft Teams

Webhooks

DefectDojo

Kenna Security

Vanta

Carried Over Findings

Create Test Finding

Cobalt API Overview

Create a Personal Cobalt API Token

Get an Organization Token

Revoke Your Personal Cobalt API Tokens

Create or Modify an Asset

Import Findings to Google Sheets

Cobalt API

Glossary

March 2026

February 2026

January 2026

November 2025 

August 2025

July 2025

June 2025

May 2025

April 2025

March 2025

January 2025

December 2024

November 2024

October 2024

September 2024

August 2024

July 2024

June 2024

May 2024

April 2024

March 2024

January 2024

What's New

Guide

Cobalt Product Documentation

In House Pentests

Share

Complete an In-House Pentest (For Pentesters)

Set Up an In-House Pentest

Share

In House Pentests

Share

Complete an In-House Pentest (For Pentesters)

Set Up an In-House Pentest

Share