Cobalt

Based in San Francisco, California, Cobalt provides a Pentest as a Service (PTaaS) platform that connects businesses with a vetted network of security researchers for crowdsourced vulnerability and penetration testing. The company operates a software-as-a-service subscription model that replaces traditional one-time security assessments with continuous application security testing for enterprise web applications and APIs. The enterprise has raised $37 million in total funding to date, which includes a $29 million Series B financing round that helped the firm become cash-flow positive while expanding its workforce to approximately 105 employees. This corporate growth was supported by lead investor Highland Europe, with partner Gajan Rajanathan joining the board, alongside recent leadership transitions involving former chief executive Chris Manton-Jones and current CEO Sonali Shah. Cobalt was originally founded in 2013 by Jacob Hansen, Christian Hansen, Esben, and Jakob.

High-Level Overview

Cobalt.io is a cybersecurity company offering a modern offensive security platform, specializing in Penetration Testing as a Service (PTaaS). It provides on-demand pentesting, continuous testing programs, and services like application, network, cloud, and InfoSec security testing to help organizations identify and mitigate vulnerabilities proactively.[6] Serving over 1,500 customers, Cobalt empowers fast-moving product teams and enterprises with flexible, expert-driven security solutions, including integrations for automated workflows and a vetted community of pentesters.[6] Its growth is evidenced by a decade of pentesting data insights, such as the annual State of Pentesting Report, positioning it as a pioneer in scalable, continuous security testing amid rising cyber threats.[6]

Origin Story

Cobalt was founded on the belief that traditional pentesting could be improved through a more efficient, on-demand model.[6] While specific founders and exact founding year details are not detailed in available sources, the company emerged to address gaps in conventional penetration testing by creating PTaaS, enabling tests to start in as little as 24 hours.[6] Early traction came from building a platform that combines a core community of vetted experts (Cobalt Core) with services for proactive risk mitigation, evolving into a full offensive security program that includes fix validation and strategic guidance.[6] This focus on speed and scalability marked pivotal moments, differentiating it from one-off pentest providers and attracting a broad customer base.[6]

Core Differentiators

• PTaaS Platform: On-demand penetration testing starting in 24 hours, with a flexible credit model for pricing and seamless integrations to automate vulnerability remediation.[6]
• Continuous Offensive Security: Beyond one-off tests, offers ongoing programs with testing, fix validation, and expert guidance via the Offensive Security Program.[6]
• Expert Network (Cobalt Core): Community of highly-vetted pentesters ensuring top-tier quality, combined with specialized services for apps, networks, cloud, and SOC defenses.[6]
• Data-Driven Insights: Leverages 10 years of pentesting data for reports like the State of Pentesting, helping customers benchmark and address risks effectively.[6]

Role in the Broader Tech Landscape

Cobalt rides the wave of escalating cybersecurity demands, particularly as AI adoption and cloud migration amplify attack surfaces—trends highlighted in its Responsible AI Imperative resources.[6] Timing is critical amid regulatory pressures like GDPR and rising breach costs, where traditional pentesting falls short for agile DevSecOps teams; Cobalt's PTaaS fills this by enabling rapid, scalable testing.[6] Market forces favoring it include the shift to continuous security in a zero-trust world and the need for vendor-neutral expertise across perimeters and clouds.[6] It influences the ecosystem by standardizing offensive security practices, fostering partnerships, and providing transparency via its Trust Center on data privacy and compliance, helping organizations build resilient defenses.[6]

Quick Take & Future Outlook

Cobalt is poised to expand its PTaaS leadership with deeper AI security integrations and automated remediation tools, capitalizing on its 1,500+ customer base and pentesting data moat.[6] Trends like AI-driven threats and regulatory evolution will shape its path, potentially growing through enterprise deals and global partnerships.[6] Its influence may evolve toward full-spectrum offensive security platforms, reinforcing its role as a go-to for proactive vulnerability management in an increasingly hostile digital landscape—echoing its founding mission to make pentesting better.[6]