NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive application security.

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

A Pentester’s Guide to Dependency Confusion Attacks

This blog post discusses the concept of "Dependency Confusion" in software development, where malicious code is injected into third-party dependencies, such as libraries or frameworks, that applications use.
Apr 17, 2023
Est Read Time: 7 min

The State of Pentesting 2023: How Operational Changes Can Jeopardize Security

The 2023 report taps into data from over 3,100 pentests we did in 2022, and 1,000 responses from security teams in the US, the UK, and Germany.
Apr 12, 2023
Est Read Time: 3 min

Cobalt Release Blog: March 2023

Read about the improvements we launched to our PtaaS Platform last month: aggregated risk, improved notifications, pentester peer feedback, and achievement stats.
Apr 11, 2023
Est Read Time: 1 min

Pentester of the Quarter: Shubham Chaskar

Cobalt is excited to announce that Shubham Chaskar is the Q2 Pentester of the Quarter!
Apr 10, 2023
Est Read Time: 1 min

CSRF & Bypasses

This article discusses Cross-Site Request Forgery (CSRF) attacks, a web security vulnerability where an attacker tricks an authenticated website user into performing an unwanted action, such as transferring funds or changing their email address, by exploiting the user's browser cookies. The article explains how CSRF attacks work and how attackers can bypass CSRF token validation to exploit vulnerabilities in web applications. It also discusses several techniques that can be used to bypass CSRF defense, including removing the referer header, bypassing the regex, and using different Content-Type values.
Apr 10, 2023
Est Read Time: 8 min

Meet Lisa Matherly, Cobalt's New Chief Marketing Officer

This week Cobalt welcomed Lisa Matherly as Chief Marketing Officer. With over two decades of experience in B2B...
Apr 5, 2023
Est Read Time: 4 min

Dynamic Duo: Dhiraj Mishra & Zubin Devnani

Dhiraj Mishra and Zubin Devnani, two Core Pentesters, have led ten successful fuzzing workshops together and have plans to continue. Read about how they got started in our blog about the Dynamic Duo in the Core.
Apr 5, 2023
Est Read Time: 2 min

The Fifth Edition State of Pentesting Report: Preview

The State of Pentesting 2023 drops on April 12th — get a taste of the report with this sneak peek, and sign up to receive it in your inbox on launch day.
Apr 4, 2023
Est Read Time: 2 min

Overflow Vulnerabilities

Overflow vulnerabilities occur when a program or system accepts more data than it can handle, leading to memory corruption and potentially allowing attackers to execute malicious code. Core Pentester Ninad Mathpati writes about these types of vulnerabilities and how to prevent them.
Apr 3, 2023
Est Read Time: 14 min