Cybersecurity Platform Cobalt.io Secures $29 Million

By Noah Long • Aug 23, 2020
  • Cybersecurity platform Cobalt — a company that connects human penetration testers (sometimes known as ‘ethical hackers’) with companies looking to test the robustness of their software — announced that it has raised $29 million

Cybersecurity platform Cobalt — a company that connects human penetration testers (sometimes known as ‘ethical hackers’) with companies looking to test the robustness of their software — announced that it has raised $29 million from investors to continue its global expansion. This brings the total funding level to $37 million.

The Series B round of funding was led by growth-stage experts Highland Europe. And Gajan Rajanathan joins the board from Highland. Cobalt was founded in 2013 by four Danish co-founders: Jacob Hansen, Esben Friis-Jensen, Jakob Storm and Christian Hansen, all self-identified outsiders to the security world.

With the Series B round, Highland was joined by angels Scott Belsky (chief product officer at Adobe), Soren Abildgaard (executive VP of engineering at Zendesk), Chris Eng (Chief Research Officer at Veracode), Gary Swart (former CEO of oDesk), Elizabeth Tse (former senior VP of Operations at Upwork), Greg Nicastro (former executive VP of Product at Veracode and former Chief Product Officer at CloudHealth Technologies) and existing angel investor Gerhard Eschelbeck (former VP of security and privacy engineering at Google).

The team had struggled for traction with early-stage investors for its original ‘bug bounty’ business model where testers were paid based on the vulnerabilities they found. So this forced a rethink and led the team to innovate its product as well as execute with impressive capital efficiency.

Now Cobalt has over 500 clients, including GoDaddy, Vonage, Axel Springer and MuleSoft, and around 300 pentesters on its platform. And customers are globally distributed with the US as Cobalt’s largest market.

This new funding round will go towards expanding global usage and continuing development of the Cobalt platform — which pioneered the Penetration test as a Service (PtaaS) model. And the technology innovation has triggered increased demand for sophisticated human cybersecurity experts, who work to find vulnerabilities in software – a process known as ‘penetration testing’ or ‘pentesting’. While automated cybersecurity screening is important, systematic security checks require human ingenuity and rigorous compliance reviews.

The company’s growth especially accelerated in the first half of 2020 with the company operating at breakeven. And over the past four years, Cobalt has conducted thousands of pentests, annual testing figures are doubling year on year, and its rate of growth is increasing. And as technology buying decisions become more agile and remote-first, Cobalt’s security certification process enables software and internet companies to navigate release cycles faster while ensuring trust and efficiency in the procurement process.

KEY QUOTES:

“Organizations do business globally and digitally, yet traditional pentesting is delivered locally via a PDF. The pentesting industry doesn’t need another cool tool, it needs people and process innovation. That is why we created a way to engage the best cybersecurity talent, via our pentest management platform, allowing customers to move from a static pentest to platform-driven pentest programs. Cobalt ultimately drives better security and improves return on investment for each customer.” 

— Jacob Hansen, co-founder and CEO of Cobalt

“Sometimes it’s by solving unsexy problems that you revolutionize a whole industry. Consultancies have relied on the story that the hardest part of pentesting is hacking the software. Actually, we’ve known for decades what the most pervasive technical problems are and how to address them. The much harder part is connecting with the right people who can do the technical security work, and delivering the results to the development team who can fix the vulnerability.”

— Caroline Wong, Chief Strategy Officer of Cobalt

“As someone who oversees security for a large and diverse portfolio of web applications, traditional pentesting simply cannot keep pace. We need real-time insight. Cobalt’s unique delivery model meets this need. All our business units have embraced the platform, which is testament to its ease of use, quality of the test findings, and ability to deliver real results.”

— Henning Christiansen, Chief Information Security Officer of Axel Springer

“We are the leading API management and integration platform, and it is our job to keep customer data safe and protected. During a pentest we need flexibility and speed, which is what Cobalt gives us — in addition to connecting us to the best talent.”

— Sergey Stelmakh, Platform Security Architect of MuleSoft

“The digitization of inefficient manual processes has continued to drive value for enterprises, and cybersecurity is no exception. By providing an automated and collaborative environment for DevOps professionals to engage with cybersecurity experts, Cobalt is disrupting a critical part of the application security and compliance value chain. We were impressed with what Jacob and his co-founders have accomplished within such a short period, and believe in their vision to democratize access to the best cybersecurity talent in a transparent manner.”

— Gajan Rajanathan at Highland Europe