Cobalt Finishes 2020 with Record Growth, Poised to Continue Disruption of Multibillion Dollar Pentesting Market

Momentum driven by Series B funding, shift to remote-first workforce, customer growth

San Francisco, CA, Dec. 17, 2020 (GLOBE NEWSWIRE) — Cobalt, the leading Pentest as a Service (PtaaS) company that’s modernizing the traditional, static penetration testing model, today announced that it achieved record growth across the business in 2020 and is poised to continue this acceleration throughout the coming calendar year. Not only did the company see a 59 percent increase in total revenue, it also announced a move to a remote-first workforce at the early onset of the pandemic, and has since added 70+ employees, including several strategic hires. The company’s ongoing momentum will help Cobalt on its quest to engage the best cybersecurity talent, via its PtaaS platform, and enable customers to move from static pentests to platform-driven pentest programs.

Taking a more strategic approach to pentesting has proven to be effective at managing corporate risk, a task that has become even more important due to the onset of the COVID-19 pandemic. In fact, according to data from ReedSmith, scams increased by 400% over the month of March, making COVID-19 the largest-ever security threat. As the number of companies who hold personally identifiable information rises, cyber criminals continue to take advantage of security flaws not caught by automated security scanners.

“Organizations around the world are facing an unprecedented volume of cyberattacks,” said Jacob Hansen, co-founder and CEO of Cobalt. “Automated tools are not enough to keep companies safe. They need the creativity and skills of humans who can understand the thoughts and actions of sophisticated attackers, and who can identify vulnerabilities at a speed that matches even the most aggressive development timetables. Cobalt has risen to meet this challenge by investing in our team and our platform in order to serve our growing list of customers. We will continue to build upon this solid foundation in 2021.”

Growing the Business, Supporting the Community

In 2020, Cobalt hit a number of key milestones, including:

  • Customer momentum: Cobalt saw demand for PtaaS surge across industries and will wrap up the year with over 350 new customers including Chegg and Zenefits and a Net Promoter Score averaging 70. Current Cobalt customers include GoDaddy, Vonage, Axel Springer and MuleSoft.
  • Record number of testing engagements: The Cobalt Core — a closed, highly vetted pool of security testers — continued to attract members with top-tier skill sets, contributing to a record number of 1,500+ pentests conducted in 2020.
  • Business growth: The company saw a revenue jump of 59 percent and a 53 percent year-over-year increase in the number of pentests. In August, Cobalt raised $29 million in Series B funding to increase headcount and expand its platform.
  • Headcount: The team expanded by 50 percent in 2020. Cobalt also made several notable hires, filling highly strategic senior positions on the following teams:
    • Pentest Operations and Research welcomed new Director Jay Paz, who will lay the groundwork for innovation and scale as he oversees operations and day-to-day management for Cobalt’s pentester community.
    • Marketing expanded its Communications and Product Marketing functions with the addition of two director-level hires, Rachel Ratchford and Lauren Taylor, who will spearhead awareness and recognition for the Cobalt brand and drive tighter collaboration between product, sales, and marketing, respectively.
    • The People team was joined by Director Sharon Heimowitz. Heimowitz will up-level Cobalt’s People function to a state of world-class excellence across the full employee lifecycle, bringing out the best in each and every person across the entire company.
    • The Community team welcomed Manager of Pentester Community Jon Helmus, a pentester, thought leader and community builder. Jon will oversee the optimization of the pentester lifecycle, recognition and incentivization initiatives, and the overall community strategy.

In addition, members of the Cobalt Core continued to share insight and knowledge with the security community at large. Cobalt pentesters regularly published findings on vulnerabilities, risk assessments, and other research that allows security testers — and, by extension, the businesses they serve — to maximize the impact of pentesting engagements and elevate society’s overall cybersecurity IQ. One such initiative, Cobalt Academia — which launched in Q3 and is spearheaded by seasoned Core member and Pentest Architect Busra Demir — provides free educational content for pentesters at various stages of their career.

In 2020, the Core conducted over 1,500 pentests and found over 12,500 vulnerabilities. (The Cobalt team will distill key learnings and actionable takeaways from these engagements in the next installment of the annual State of Pentesting Report.)

Continued Product Innovation

The product and engineering team made a number of enhancements to make the Cobalt platform even easier to use, ensure high quality results, and streamline communication throughout the pentest engagement. Key 2020 Cobalt platform highlights include:

  • JIRA bi-directional integration: Cobalt now offers the ability for security and development teams to communicate back-and-forth online and in-platform through JIRA. This integration shrinks the time gap to notify testers about changes and helps alleviate the manual workload on security teams during remediation.
  • Explain accepted risk: Customers can mark vulnerabilities that have no measurable impact to their security posture, explain why the risk was defined as acceptable, and capture this additional context in the final pentest report that can be shared with customers and auditors.
  • Copy or delete pentests: Pentest Copy makes it easier to transfer knowledge from a previous to an upcoming pentest with the click of a button and allows for faster pentest launch (in as few as 5 clicks). Because accidentally created pentests or duplicates can clutter the Pentest List, customers are able to delete unwanted pentests, keeping a clean view of the dashboard and helping collaborators focus on more valid / important pentests.
  • Global navigation: Cobalt recently improved its organization level navigation to lower the learning curve for new users. The improved and scalable design makes it simpler for customers to discover features and add new ones.

Additional highly anticipated features will be announced in 2021, all geared toward continuing to increase the efficiency and quality of the time spent on the Cobalt platform.

Industry Recognition

Highland Europe led the Series B funding round. Highland Europe was joined by angels Scott Belsky (chief product officer at Adobe), Soren Abildgaard (executive VP of engineering at Zendesk), Chris Eng (Chief Research Officer at Veracode), Gary Swart (former CEO of oDesk), Elizabeth Tse (former senior VP of Operations at Upwork), Greg Nicastro (former executive VP of Product at Veracode and former Chief Product Officer at CloudHealth Technologies) and Gerhard Eschelbeck (former VP of security and privacy engineering at Google.

Members of the Cobalt team routinely spoke at technology industry events and received third-party recognition for leadership and cybersecurity expertise. This past year, Cobalters ranked among the Top 25 Women Leaders in Cybersecurity and SC Magazine’s Power Players for Women in IT Security. Cobalt places particular emphasis on nurturing the next generation of female cybersecurity leaders, with team members speaking at the Women Leaders Rising Summit, the Executive Women’s Forum Conference, and the Women’s Society of Cyberjutsu Conference.

Cobalt employees also spoke at several top-tier industry conferences including:

To learn more about how Cobalt’s PtaaS platform is keeping businesses protected and how its network of pentesters can help your organization, visit


Cobalt provides a Pentest as a Service (PtaaS) platform that is modernizing the traditional, static penetration testing model. With a globally distributed team, Cobalt is transforming pentesting by providing streamlined processes, developer integrations, and on-demand pentesters who have undergone rigorous vetting. With Cobalt, customers can build their pentest program in as little as five minutes and start a pentest in 24 hours.