Cobalt Labs

Cobalt Labs_Company Logo


Address: Friedrichstrasse 68
Berlin 10117
Telephone: +49 151 6568 2574
Email: [email protected]
Contact: Ali Deniz Gulacti

Cobalt is redefining the modern pentest for companies who want serious hacker-like testing built into their development cycle.  Forget about old school, overpriced PDF pen test reports with low quality findings — and never pay for re-testing again.

At Cobalt, we use a combination of data, technology and talent to meet the security challenges of the modern web or mobile application, and ensure we provide the smartest, most efficient services possible.  From Cobalt Central, our powerful vulnerability dashboard, to Cobalt Insights, which gives you an intelligent overview of your application security program, we are driven by great technology.  Our pentest is built to satisfy requirements you might have as part of your sales process to verify your security posture, including compliance.  Your reports are automatically updated when findings.  We can also fulfill the requirement for most certifications including vendor assessments, PCI, HIPAA and SOC-2.


Penetration Testing

Contact: Cobalt Sales
+1 415 906 5222
[email protected]

Cobalt Pentests are on-demand hacker-powered penetration tests performed by a certified researcher supported by handpicked Core researchers.  You pay a fixed price based on application size and testing frequency.  If you are looking for a focused application security assessment and penetration testing setup, where you get an actionable report for your team and customers, this is the solution for you.

When a program is launched you will receive vulnerability reports on Cobalt Central, your own application security inbox.  Assign reports to your team members via your preferred workflow, such as Jira or Github.  Clear up questions quickly by asking researchers directly on Cobalt Central, and ensure that your security is hardened as efficiently as possible.

Get a cleanly designed, clearly written summary document to share with your stakeholders.  And yes – the report is compliant with PCI, HIPAA and your awesome vendor assessment with F500.

CREST Qualified Consultants:
Practitioner Security Analysts:  Yes
Registered Penetration Testers:  Yes
Certified Web Application Testers:  Yes
Certified Infrastructure Testers:  No
Wireless Specialists:  No