NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive application security.

How Algolia matures its security posture with Cobalt

Algolia was looking for a pentest partner that wouldn't slow down development.

With a mission to help companies create delightful Search & Discovery experiences, Algolia enables developers and product teams to build consumer-grade search with its hosted search API. Trust between the company and its customers is key, and so is the desire to protect personal data and demonstrate its security commitment to customers. Cobalt's Pentest as a Service platform was exactly what Algolia needed for modern security testing made easy.

 

Challenges

Slowed Processes

Algolia was looking for a pentesting approach that would strengthen security without slowing down the software development process.

Unclear Findings

Algolia wanted modern pentesting without burdensome test initiation and confusing findings reports.

Testing Support

Reducing the testing support strain on the internal security team and product engineers without sacrificing test quality was a top priority for Algolia.

Results

Transparent Pentesting

Algolia's commitment to protecting customer data led the company to find a robust, effective, and transparent security program with Cobalt.

Seamless Communication

Cobalt's transparency and consistent communication throughout the pentesting process provided Algolia's engineers with peace of mind.

Reporting Capabilities

Cobalt gave Algolia the ability to simply create different reports with varying levels of detail for different audiences.

Algolia recognizes that its customers place a great deal of trust in the company when they provide data for the search API. This led Algolia to modernize and expand its penetration testing program, and that's when the company found and began using Cobalt's Pentest as a Service platform. Pentesting both reduced vulnerabilities and provided tangible evidence of Algolia's security posture to customers.

Algolia was frustrated hearing from other consultancies that the test was the best they could do despite its flaws — there was no feedback loop about whether or not the test met their needs. 

That said, Cobalt provides an innovative model with Pentest as a Service, completely supported by a platform that manages and captures the full find-to-fix workflow. Transparency with Cobalt created a feedback loop that was nonexistent with traditional pentesting.

"With traditional pentesting firms, there is no platform. You send an email with the description of the service, and you get a PDF back. The 'in-between' stays the magic for the consultancy. Cobalt is different - there is transparency throughout the entire process."

ADAM SURA,

DIRECTOR OF INFRASTRUCTURE AT ALGOLIA