– USA, CA – Cobalt.io, the cybersecurity platform that connects human penetration testers with companies looking to test the robustness of their software, has raised $29 million in Series B funding round led by growth-stage experts Highland Europe bringing its total funding level to $37 million.
Concurrent with the financing, Gajan Rajanathan joins the board from Highland.
“The digitization of inefficient manual processes has continued to drive value for enterprises, and cybersecurity is no exception. By providing an automated and collaborative environment for DevOps professionals to engage with cybersecurity experts, Cobalt is disrupting a critical part of the application security and compliance value chain. We were impressed with what Jacob and his co-founders have accomplished within such a short period, and believe in their vision to democratize access to the best cybersecurity talent in a transparent manner.” said Gajan Rajanathan from Highland Europe.
For the Series B round Highland was joined by angels Scott Belsky (chief product officer at Adobe), Soren Abildgaard (executive VP of engineering at Zendesk), Chris Eng (Chief Research Officer at Veracode), Gary Swart (former CEO of oDesk), Elizabeth Tse (former senior VP of Operations at Upwork), Greg Nicastro (former executive VP of Product at Veracode and former Chief Product Officer at CloudHealth Technologies) and existing angel investor Gerhard Eschelbeck (former VP of security and privacy engineering at Google).
The new funding will go towards expanding global usage and continuing development of the Cobalt platform, which pioneered the Penetration test as a Service model. The breakneck pace of technology innovation has triggered increased demand for sophisticated human cybersecurity experts, who work to find vulnerabilities in software – a process known as ‘penetration testing’ or ‘pentesting’. While automated cybersecurity screening is important, systematic security checks require human ingenuity and rigorous compliance reviews.
Cobalt was founded in 2013 by four Danish co-founders – Jacob Hansen, Esben Friis-Jensen, Jakob Storm and Christian Hansen, all self-identified outsiders to the security world. The team struggled for traction with early-stage investors for its original ‘bug bounty’ business model, in which testers were paid based on the vulnerabilities they found. This forced a rethink, leading the team to innovate its product as well as execute with impressive capital efficiency.
Cobalt now has more than 500 clients, including GoDaddy, Vonage, Axel Springer and MuleSoft, and around 300 pentesters on its platform. Customers are globally distributed, with the US as Cobalt’s largest market. The company’s growth has accelerated in the first half of 2020, in spite of the global pandemic, with the company operating at breakeven. Over the past four years, Cobalt has conducted thousands of pentests; its annual testing figures are doubling year on year, and its rate of growth is increasing. As technology buying decisions become more agile and remote-first, Cobalt’s security certification process enables software and internet companies to navigate release cycles faster while ensuring trust and efficiency in the procurement process.
“Organizations do business globally and digitally, yet traditional pentesting is delivered locally via a PDF,” said co-founder and CEO, Jacob Hansen. “The pentesting industry doesn’t need another cool tool, it needs people and process innovation. That is why we created a way to engage the best cybersecurity talent, via our pentest management platform, allowing customers to move from a static pentest to platform-driven pentest programs. Cobalt ultimately drives better security and improves return on investment for each customer.”
“Sometimes it’s by solving unsexy problems that you revolutionize a whole industry,” said Caroline Wong, Chief Strategy Officer of Cobalt. “Consultancies have relied on the story that the hardest part of pentesting is hacking the software. Actually, we’ve known for decades what the most pervasive technical problems are and how to address them. The much harder part is connecting with the right people who can do the technical security work, and delivering the results to the development team who can fix the vulnerability.”
From a customer’s perspective, Cobalt’s PtaaS approach opens up a global marketplace of talent, enabling pentesters to collaborate with one another and companies to easily locate specific expertise. This raises the quality bar and reduces the time to start testing from 2-4 weeks to as little as 24 hours. Every tester is thoroughly vetted; the small percentage of applicants accepted onto the platform undergo ongoing peer review to guarantee high-quality output.
Once pentesting begins, Cobalt’s platform logs issues as they arise. It visualizes them on a dashboard and connects seamlessly to development tools such as JIRA, so developers can quickly take action on any breaches and notify pentesters – creating a dynamic, real-time feedback loop. This also allows security managers at client companies to oversee the entire process, with immediate visibility for the first time into which security flaws have been fixed, and the ability to request instant retests where needed.
Cobalt’s platform is also able to collect rich data because, unlike the traditional model, pentesting results aren’t stored and sent in static documents, but rather in a dynamic online repository. This allows the client to improve the security of their customers by surfacing and remediating the types of vulnerability that are affecting them most over time. Cobalt is quickly establishing thought leadership in this critical area of cybersecurity, releasing its annual ‘State of Pentesting’ report, and expects to continue to enrich its business insights and product features in the future.
About Highland Europe
Highland Europe invests in exceptional growth-stage software and internet companies. Active in Europe since 2003 as Highland Capital Partners and formally launched in 2012, Highland Europe has raised over €1 billion and has invested in companies such as Adjust, ContentSquare, GetYourGuide, Malwarebytes, MatchesFashion, NewVoiceMedia, Nexthink, Spot.io, WeTransfer, Wolt and Zwift. Highland’s collective history of investments across the US, Europe and China includes 46 IPOs and 19 billion-dollar-plus companies.
Cobalt provides a Pentest as a Service platform that is modernizing the traditional, static penetration testing model. With a globally distributed team and offices in San Francisco, Boston and Berlin, Cobalt is transforming pentesting by providing streamlined processes, developer integrations, and on-demand pentesters who have undergone rigorous vetting. With Cobalt, customers can build their pentest program in as little as five minutes and start a pentest in 24 hours.
For more information: https://cobalt.io/
- Disclaimer - News, data, and statements included in this release are intended exclusively for general information purposes. Talent4Boards does not guarantee that news is accurate or about the correct person and accepts neither liability for the consequences of the reader’s reliance, nor responsibility for the accuracy of the information. Nothing in this release should be considered for decisions about referred securities. Products and brand names may be trademarks or registered trademarks of their respective owners.