Assets are what we pentest.

Our security professionals perform pentests on different types of assets. Learn how to set up your assets for our pentests.

For pentests, an asset is a software component of value. Once you’ve created an asset, you can launch pentests for it.

Asset Types

We can perform pentests on assets in the following categories:

Asset Type Description
Web An online application (app). Includes APIs that supply data to the (Web) app.
Mobile Any application intended for mobile phones or tablets.
API API is an Application Programming Interface. Use for APIs independent of a Web app.
External Network Any network that’s directly exposed to the internet.
Internal Network Any network with either a limited or no interface to the internet.
Cloud Config For systems on “the Cloud,” using services such as Amazon AWS, Microsoft Azure, or Google GCP.

We also support tests that span two categories, including:

  • Web + API
    • If the only APIs you use supply information to your web app, select the Web asset type. We test those APIs as part of web-only tests.
  • Web + External Network
  • Web + Mobile

For assets of multiple types, you may want to set up one or more pentests, depending on the characteristics of your software.

Learn more.

Create an Asset

You can create assets in the following ways:

  • On the Assets page:
    • To add a single asset, select New Asset.
    • To upload assets in bulk in CSV or XLSX format, select Bulk Assets. Once uploaded, you can select an asset to add an image, technology stack, and attachments.
      • If the upload is successful, all your assets from the file are added. Otherwise, no assets are created. Our algorithm doesn’t process the request partially.
      • We don’t prevent you from creating duplicate assets.
  • When setting up a pentest, on the Let’s Get Started screen, select Create a new asset.

You can also use the Cobalt API to create assets.

Asset Details

The Asset screen prompts you for the following information:

View and Modify Assets

Once you’ve created assets, you can view and manage them on the Assets page.

Select the three-dot icon under Action, and then select the desired option:

  • Create a Pentest for this asset
  • Edit Asset to modify asset details
  • Delete Asset, if it doesn’t have associated pentests

To preview a summary of potential vulnerabilities based on the Common Vulnerabilities and Exposures (CVE) standard, hold the pointer over the number under Risk Advisory. To navigate to the detailed list, select the number.

Page listing your assets

To view asset details, select an asset. From here, you can:

  • Create a pentest for this asset
  • Edit asset details
  • Delete the asset, if it doesn’t have associated pentests
  • View associated pentests
  • Preview risk advisories for this asset
Asset details page

Explore Risk Advisories

Preview potential vulnerabilities for your assets.

Was this page helpful?

Yes No Create an Issue

Last modified October.10.2022