Release Notes: March 2025

Explore What’s New from Cobalt This Month

CVSS v3.1 Scoring

Problem

Customers have expressed the need for a clear, standardized severity rating that offers a consistent and objective view of vulnerability severity. The existing OWASP-based ratings, while providing valuable context, were subjective and made it difficult for customers to obtain a standardized and objective assessment of risk.

Solution

New CVSS v3.1 scoring to all new findings! Our pentesters will now complete the CVSS vector, and our platform will automatically calculate the score and severity. This critical data will be included in finding reports, CSV downloads, and various integrations such as the creation of a ticket in Jira, where this data will be seamlessly embedded within the description of the finding. The implementation of CVSS scoring aims to provide objectivity to a previously subjective system and offers a numerical representation of vulnerability severity.

Benefits

  • Meets Customer Demand: Directly fulfills requests for CVSS scores, meeting a critical customer demand.
  • Guarantees Consistent Data: With structured CVSS scores for all findings, we are eliminating inconsistencies and providing a designated location for this information. This reduces the risk of customers requesting this information, only for it to be omitted by testers.
  • Improves Risk Assessment: The addition of CVSS v3.1 scoring provides an additional data input for our customers to better understand findings and prioritize risk accordingly.
CVSS v3.1

New Test Coverage Section in Comprehensive Reports

Problem

We want to demonstrate the coverage and depth within our comprehesnvie testing. You will see a new test coverage section.

Solution

To address this, we’ve added a “Test Coverage” section to our final reports (for comprehensive pentests only). This new section provides an overview of testing, a results column, and associated findings.

Benefits

  • A holistic view of testing coverage.
  • Increased transparency into the scope of testing.
  • Enhanced traceability of findings to test activities.
Demonstrate Test Coverage
Last modified April 24, 2025