UPDATED 10:00 EST / AUGUST 20 2020

SECURITY

Pentest-as-a-service provider Cobalt Labs raises $29M in new funding

Penetration-test-as-a-service company Cobalt Labs Inc. today expanded its war chest after landing $29 million in a funding round that brings its total amount raised to $37 million.

Highland Europe led the round, and Cobalt said it will use the money from the Series B round to expand and develop its PtaaS model and make it available to more companies around the world.

Cobalt’s platform makes it easier for companies of all shapes and sizes to access human penetration testers, who are cybersecurity experts that try to find vulnerabilities within their software so they can understand its weaknesses and come up with better ways to secure it.

Pen tests are often referred to as “ethical hacking” and involve simulating a cyberattack against a specific application or system to uncover uncover vulnerabilities such as “unsanitized” inputs that are susceptible to code injection attacks. The insights provided by the pen test can then be used to fine-tune security policies and patch any vulnerabilities that turn up, thereby making the software more secure.

As useful as it is, pen testing is not that common because the service is normally only available via specialized consultancies that are accessible at the local level. Cobalt said that runs counter to the globalized nature of today’s workforce and security community.

Moreover, the consultancy structure of most pen testers makes the entire process a bit too slow and cumbersome. It means that most companies only bother to do it once or twice a year. But the problem is that hackers tend to update their arsenal of tools much more frequently than that.

Cobalt is trying to fix things through its platform, which can be thought of as a marketplace for pen testers. It enables companies to connect with approved pen testers that possess the specific expertise they’re looking for to protect their platforms. That alone helps reduce the time to start testing from a couple of weeks to as little as 24 hours, Cobalt said.

Moreover, Cobalt thoroughly vets each pen tester before allowing them to provide their services through its platform, and performs ongoing peer reviews of their work to ensure they’re delivering high-quality services.

Another advantage of Cobalt’s service, according to the company, is that its platform delivers its results in a much more consumable format. Most pen testing companies present their results on a static PDF, which makes it difficult for developers to take that data and patch any vulnerabilities that might have been found.

Instead, Cobalt publishes platform log issues as they appear and visualizes these on a dashboard that connects to developer tools such as the JIRA platform so developers can quickly take action to remedy them. That also enables security team managers to oversee the process and request instant retests whenever needed.

Cobalt said its platform has more than 500 clients, including companies such as GoDaddy Inc., Axel Springer SE and MuleSoft LLC. Meanwhile, its platform has grown to offer more than 300 pentesters.

Cobalt Chief Strategy Officer Caroline Wong said that most companies are mistaken in thinking that the hardest part of pentesting is hacking the software.

“Actually, we’ve known for decades what the most pervasive technical problems are and how to address them,” Wong said. “The much harder part is connecting with the right people who can do the technical security work, and delivering the results to the development team who can fix the vulnerability.”

Image: madartzgraphics/Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU