Penetration Testing
offers a practical way of testing your cyber security measures using trained professionals
What is a pentest: types, scoping and pricing

Why Conduct a Pentest?

Ensure strong cybersecurity within the organization

Provide security confidence to clients and partners
Pentest Approaches
Black Box Pentest
Identify vulnerabilities in a system that are exploitable by ethical testers without previous knowledge of the network.
Gray Box Pentest
Provide a more in-depth assessment of the system and identify the greatest risks and countermeasures.
White Box Pentest
A sophisticated type of testing that provides a comprehensive assessment of both internal and external vulnerabilities.
“We have an identified partner in cyber security moving forward as our team has more capacity. We are looking forward to working more deeply with Kobalt.io in the future and expect to continue to collaborate in the future.”
– Erin Berube, VP of Operations, Vivo Team
Pentest Timeline
Complete Agreement
Sign off on the Proposal, Complete Payment Details in Stripe
Kick Off Call
Introductions, Scheduling, Review Scope & Prerequisites for Testing
Pentest
Provide Credentials and Access to, Runs from 2 Days to 2 Weeks Depending on Type and Scope
Report
Testing Concludes, Deliver Final Report
Executive Review
Review Results, Answer Questions, Retesting Issues to Verify Successful Remediation
Pentest Options

Why Retest
- With a retest, a security expert will research the adjustments and check whether the vulnerabilities have actually been fixed.
- Get a clean report ready for clients
- Show evidence to the auditor that you are taking action
- Less expensive to re-test specific items

Why Work with Kobalt.io

- Our pentesters have conducted numerous pentests for clients of different needs and sizes
- We combine manual and automated penetration testing, manually validating results from automated scans to reduce false positives, and adjusting risk rating that is suitable to your context
- We take a holistic approach when it comes to improving your cybersecurity and we offer other complementary services
Learn more about other complementary services
Vulnerability Scanning
Vulnerability assessment is a test to uncover and evaluate vulnerabilities within your IT and cloud infrastructures.
Secure Developer Training
Helps you complete this compliance requirement but has the added benefit of training your developers on the mistakes that led to the vulnerabilities we found during our pentest.
Enhanced User Education
It includes awareness training and continuous phish testing, can help you not only with compliance but also cybersecurity insurance needs.
7x 24 Managed Threat Detection
The sooner you address and contain a cyber incident, the lower the impact on your business.
vCISO
Virtual CISO can help you evaluate risks, determine technology solutions, evaluate technical controls, select compliance standards and plan and execute roadmap items.
DPO
A designated DPO that works alongside your team at a fraction of the cost of hiring an internal DPO.
Managed Compliance
Our offering can help you with other needs on your way to achieving ISO27001, SOC2, GDPR and HIPAA compliance
