Full-Time

Director of Offensive Security Research & Community

Posted on 10/1/2025

Cobalt


501-1,000 employees

Subscription-based penetration testing service

Compensation Overview

$183.2k - $229k/yr

+ Equity + Benefits

Remote in USA

Remote

East coast location preferred.

Category
Engineering Management (1)
Required Skills
Product Management
Public Speaking
Requirements
  • Deep technical domain knowledge in offensive security, with 7+ years of experience delivering offensive security services (such as penetration testing and red teaming)
  • Experience delivering consulting and/or managed security services and presenting findings to a customer’s senior technical leadership
  • Experience managing and developing high-performing teams
  • Dynamic public speaker with excellent communication and presentation skills - having previously presented at numerous tier-one cybersecurity conferences
Responsibilities
  • Set and execute strategy for recruiting, engaging and retaining experts in offensive security across the globe
  • Own the guidelines and execution methodologies for our security services to continue offering high-quality results, working with pools of experts to reflect the changing tools and techniques of modern penetration testing, system exploitation, and defensive technologies
  • Work with product management to determine the security tools and intelligence sources that need to be incorporated into our platform to improve efficiency, quality, and actionability
  • Work with the Cobalt Core to conduct novel security research and coordinate responsible disclosure
  • Incubate and develop new offensive security services leveraging our platform and core community
  • Represent Cobalt at industry conferences and customer events
Desired Qualifications
  • Prior experience building communities is a significant plus
  • East coast location preferred

Cobalt.io focuses on cybersecurity by offering Pentest as a Service (PtaaS) through a subscription-based platform for continuous penetration testing. It works by providing ongoing simulated cyberattacks and automated checks across an organization’s digital assets, with services tailored to enterprise needs and asset count, enabling clients to identify and fix vulnerabilities over time. The platform supports on-demand testing and scales with the client’s security posture, backed by SOC 2 Type 1 certification to demonstrate strong security controls. Compared to competitors, Cobalt.io emphasizes a scalable, subscription-based model that delivers continuous testing rather than one-off assessments, targeting large customers such as educational institutions, financial services, and tech companies. The company’s goal is to help organizations regularly assess and improve their security posture, protect sensitive data, and meet regulatory and compliance requirements.

Company Size

501-1,000

Company Stage

Series B

Total Funding

$37M

Headquarters

San Francisco, California

Founded

2013


Simplify's Take

What believers are saying

  • Enterprise shift to continuous threat exposure management from point-in-time testing aligns perfectly with PtaaS model.
  • Microsoft Teams integration targets Fortune 100 enterprises with 90% Teams adoption, eliminating workflow context-switching.
  • ISO 27001 and SOC2 Type 2 certifications strengthen customer trust amid rising compliance and data protection demands.

What critics are saying

  • Veracode's integrated DevSecOps suite renders standalone PTaaS obsolete, causing 20-30% customer churn to bundled solutions.
  • BreachLock's AI-automated platform undercuts Cobalt pricing 30-40% while matching continuous testing speed.
  • OpenAI's autonomous pentesting agents in Q3 2026 commoditize human PTaaS, collapsing subscription pricing 50-70%.

What makes Cobalt unique

  • AI-enhanced platform trained on 10+ years proprietary pentesting data accelerates testing speed and depth.
  • Security Program Manager service operationalizes enterprise pentesting, translating findings into executive business intelligence.
  • 500+ vetted ethical hackers average 11 years experience, enabling 24-hour pentest launches at scale.


Benefits

Health Insurance

Dental Insurance

Vision Insurance

Life Insurance

401(k) Retirement Plan

Unlimited Paid Time Off

Parental Leave

Wellness Program

Home Office Stipend

Professional Development Budget

Growth & Insights and Company News

Headcount

6 month growth

0%

1 year growth

0%

2 year growth

-1%
Business Wire
Apr 9th, 2026
Cobalt appoints cybersecurity veteran Tony Spinelli to board of directors

Cobalt, a penetration testing as a service provider, has appointed Tony Spinelli to its board of directors. Spinelli, who brings over 25 years of cybersecurity experience, has served as CISO four times and CIO twice at major organisations including Capital One and Equifax. An early investor in Cobalt and multi-company customer, Spinelli currently serves as Chief Security Officer at Halcyon. He has led cybersecurity and digital transformation initiatives at First Data and Tyco International, and sits on multiple boards including Blue Cross Blue Shield Association. The appointment comes as organisations increasingly adopt continuous threat exposure management strategies, moving away from point-in-time testing towards continuous validation. Cobalt's platform combines human expertise with AI-powered technology to deliver offensive security solutions to thousands of customers worldwide.

Cobalt
Mar 25th, 2026
Cobalt earns five industry awards at RSAC 2026, recognized for leadership in PTaaS and CTEM.

Recognition across Globee, SC Media, Cyber Defense Magazine, and Cybersecurity Excellence Awards underscores leadership in modern offensive security

  • Globee Cybersecurity Awards: Gold Winner and Best of Category for Penetration Testing as a Service (PTaaS)
  • SC Media Awards: Finalist for Continuous Threat Exposure Management (CTEM) innovation
  • Global InfoSec Awards: Market Disruptor in both CTEM and PTaaS
  • Cybersecurity Excellence Awards: Gold Winner for PTaaS

SAN FRANCISCO-(BUSINESS WIRE) - RSA Conference - Cobalt, the pioneer of Penetration Testing as a Service (PTaaS) and a leading provider of human-led, AI-powered offensive security solutions, today announced that the Cobalt Offensive Security Platform has received five top honors at RSAC 2026. These accolades reflect continued industry recognition for its leadership in modern offensive security and Continuous Threat Exposure Management (CTEM). Attendees of RSAC 2026 can learn more by visiting the Cobalt team at Booth #N4519 at the Moscone Conference Center.

The awards span several of the cybersecurity industry's most respected programs. At the Globee Cybersecurity Awards, Cobalt was named a Gold Winner and Best of Category for PTaaS. The company was also recognized as a Finalist by SC Media at the 2026 SC Awards for its innovation in CTEM, highlighting its role in helping organizations move from point-in-time testing to continuous, risk-driven security validation. In addition, Cobalt earned two Market Disruptor awards from Cyber Defense Magazine's Global InfoSec Awards 2026, one for CTEM and one for PTaaS, underscoring its impact on reshaping how organizations identify, prioritize, and remediate risk. Cobalt was also named a Gold Award recipient in the PTaaS category by the Cybersecurity Excellence Awards, further validating its platform-driven approach to offensive security.

"These awards reflect a broader shift in how organizations approach security testing," said Sonali Shah, CEO of Cobalt. "Security teams are moving away from fragmented, point-in-time assessments toward continuous, programmatic approaches that mitigate the risk caused by the ever expanding/evolving attack surface. The Cobalt Platform brings together expert-led testing, AI agents for discovery, testing and reporting, and AI-powered insights to help organizations not just find vulnerabilities, but prioritize and fix what matters most."

The Cobalt Platform enables organizations to evolve from static evaluations to a continuous, offensive security program that continuously adapts to evolving environments. Using the largest dataset of real-world pentesting intelligence in the industry, it applies historical exploit intelligence to refine testing logic and ensure every engagement is smarter than the last. The company's recognition across PTaaS and CTEM highlights its role in helping enterprises operationalize offensive security as an ongoing, scalable program. These latest honors build on the company's continued momentum in the enterprise market and reinforce its commitment to delivering modern, programmatic security testing aligned with how organizations build and ship software today.

Additional Resources:
  • Cobalt Introduces New AI Capabilities for Continuous Pentesting
  • Cobalt Introduces Security Program Manager Service to Help Enterprises Scale Offensive Security Programs

About Cobalt

Cobalt is the pioneer in pentesting as a service (PTaaS) and a leader in offensive security services. Cobalt Labs, Inc. is focused on combining talent and technology with speed, scalability, and expertise. Thousands of customers and hundreds of partners rely on the Cobalt Offensive Security Platform, along with 450+ trusted security experts, to find and fix vulnerabilities across their environments. By enabling faster pentest launches, real-time collaboration with pentesters, and seamless integration with remediation workflows, Cobalt Labs, Inc. helps organizations identify critical issues and accelerate risk mitigation so they can operate fearlessly and innovate securely. Cobalt maintains an outstanding NPS of 9.12, reflecting its dedication to customer satisfaction. Read its reviews on G2 to see why customers love Cobalt Labs, Inc. More at https://www.cobalt.io/. Follow Cobalt on LinkedIn and X.

Media Contact: Leslie Kesselring, Kesselring Communication for Cobalt

About Cobalt. Cobalt combines talent and technology to provide end-to-end offensive security solutions that enable organizations to remediate risk across a dynamically changing attack surface. As the innovators of Pentest as a Service (PtaaS), Cobalt empowers businesses to optimize their existing resources, access an on-demand community of trusted security experts, expedite remediation cycles, and share real-time updates and progress with internal teams to mitigate future risk.

Business Wire
Mar 19th, 2026
Cobalt launches Security Program Manager service to scale enterprise offensive security programs

Cobalt, a penetration testing as a service provider, has launched its Security Program Manager service to help enterprises operationalise and scale offensive security programmes. The service was announced at the RSA Conference in San Francisco. The Security Program Manager provides organisations with a dedicated expert who coordinates testing schedules, manages remediation workflows, and translates technical findings into strategic intelligence for executives. The service aims to address challenges enterprises face when expanding security testing across applications, APIs, cloud infrastructure and emerging technologies. The offering builds on Cobalt's Offensive Security Platform, which combines automation, AI-driven intelligence and expert-led testing. Cobalt's global network includes over 500 vetted ethical hackers with an average of 11 years of experience. The company has raised $295 million to date and serves thousands of customers.

Cobalt
Mar 19th, 2026
Cobalt introduces Security Program Manager service to help enterprises scale Offensive Security programs.

New service provides a dedicated partner to manage pentesting operations, coordinate remediation, and translate security findings into business intelligence

  • Offloads pentest operations: manages scheduling, coordination, and remediation tracking so internal teams can focus on higher-value security work
  • Improves visibility and coverage: maintains asset inventory and aligns testing with business priorities to eliminate security blind spots
  • Translates security into business impact: turns findings into executive-ready insights, drives remediation, and integrates into dev workflows to accelerate secure innovation

SAN FRANCISCO-(BUSINESS WIRE) - RSA Conference - Cobalt, the pioneer of penetration testing as a service (PTaaS) and a leading provider of human-led, AI-powered offensive security solutions, today announced the launch of its Security Program Manager service, designed to help enterprises operationalize and scale offensive security programs. Attendees of the RSA Conference can learn more about these new capabilities by visiting the Cobalt team at Booth #N4519 at the Moscone Conference Center.

As organizations expand their security testing efforts across applications, APIs, cloud infrastructure, and emerging technologies, many security teams struggle with a growing gap between strategic security objectives and day-to-day execution. Fragmented oversight, engineering silos, and the challenge of translating technical vulnerability data into business-level insights can slow remediation efforts and reduce the effectiveness of offensive security programs.

The Cobalt Security Program Manager addresses this challenge by providing organizations with a dedicated expert who acts as an extension of the internal security team. Security Program Managers oversee the logistics of enterprise-scale pentesting programs, coordinate testing schedules across development teams, and ensure remediation workflows align with broader business and security goals.

"Offensive security programs are becoming more complex as attack surfaces expand and development cycles accelerate," said Paul Zymba, Senior VP of Customer Success, Cobalt. "Our Security Program Manager is a service that helps organizations move beyond ad hoc pentesting by providing the operational leadership needed to run a programmatic, continuous security program that delivers measurable risk reduction."

Security Program Managers help organizations streamline pentesting operations and ensure testing results translate into actionable improvements across the business. Key benefits of the service include:

  • Reclaim Your Team's Time: Security Program Managers coordinate with development and engineering teams to schedule pentests, manage administrative logistics, and track remediation progress, reducing the operational burden on internal security teams.
  • Eliminate Security Blind Spots: By maintaining a comprehensive inventory of assets and aligning testing cadences with corporate security objectives, Security Program Managers ensure continuous visibility into the organization's security posture.
  • Secure Executive Buy-In: Security Program Managers translate technical findings into strategic intelligence and performance metrics, helping security leaders demonstrate ROI and communicate risk reduction to executive stakeholders.
  • Accelerate Innovation Cycles: Cobalt integrates pentesting workflows with common development tools such as Jira, GitHub, and Slack, enabling organizations to embed security into development pipelines without disrupting engineering velocity.

The Security Program Manager builds on the broader Cobalt Offensive Security Platform, which combines automation, AI-driven intelligence, and expert-led testing to deliver offensive security at enterprise scale. By integrating automated reconnaissance, vulnerability discovery, and intelligence-driven triage with human-led testing, Cobalt enables organizations to run continuous security programs that evolve alongside their environments.

"Having a dedicated Security Program Manager ensures consistency across our pentesting program," said Jamie Strickland, Security Analyst Lead at Patterson Companies. "They understand exactly what results we need and have become exceptionally nimble at managing tester and team member questions. By looping in the right internal stakeholders, they ensure our projects always stay on track. I know I can rely on them to handle complex questions and tailor communications for my internal audience."

Cobalt offensive security services span application, network, API, cloud, and emerging AI systems, and include capabilities such as web application pentesting, mobile testing, cloud configuration reviews, attack surface management, red teaming, and AI and LLM application testing. These services are delivered by the Cobalt Core, a global community of more than 500 vetted ethical hackers who average over 11 years of pentesting experience.

Cobalt
Mar 10th, 2026
Cobalt Terms of Service ranked among top two competitors for Customer Favorability by TermScout.

Independent certification validates fairness and transparency of the Cobalt standard Terms of Service, reducing legal friction and accelerating enterprise procurement

SAN FRANCISCO-(BUSINESS WIRE)-Cobalt, the pioneer of penetration testing as a service (PTaaS) and a leading provider of human-led, AI-powered offensive security solutions, today announced it has earned TermScout's TrustMark(TM) designation for Customer-Favorable Contract Terms following an independent Certify analytics review. It achieved an 80% Customer Favorability Score, placing the company within the top 7% of all vendors benchmarked by TermScout. This certification validates that the company's Terms of Service meet rigorous third-party benchmarks for fairness, transparency, and market alignment.

The TrustMark(TM) designation is based on a detailed evaluation conducted through TermScout's Certify analytics platform, which combines AI-driven analysis with expert human legal review. TermScout assesses more than 750 data point signals and benchmarks contract language against thousands of B2B technology agreements. In this case, Cobalt elected to benchmark its Terms of Service directly against defined competitors in its category to validate its relative market positioning. The review includes key clauses such as indemnification, intellectual property, limitation of liability, warranties, data protection, and termination rights to determine whether terms are balanced and commercially reasonable.

"In an industry where complex legal terms often create barriers to entry, Cobalt has prioritized contract transparency," said Olga V. Mack, CEO of TermScout. "Our analysis confirms that Cobalt's Terms of Service are among the most customer-favorable in the market. By earning the TrustMark(TM) designation, Cobalt signals to buyers that its contract structure is transparent, balanced, and aligned with market standards."

"Security buyers are looking for companies that are easy to do business with and demanding greater transparency across every aspect of the vendor relationship, from testing methodologies to legal agreements," said Chris Essex, Chief Revenue Officer, Cobalt. "Earning the TermScout TrustMark(TM) reinforces our commitment to trust and clarity. By proactively validating that our Terms of Service are balanced and fair, we reduce negotiation friction and accelerate procurement cycles."

For security leaders and procurement teams, the certification provides an independent trust signal that streamlines legal review, reduces back-and-forth redlines, and shortens the time to contract. This commercial integrity supports the company's broader approach to offensive security, which empowers organizations to continuously find and remediate risk across their attack surface. By combining industry-leading technology with human expertise, Cobalt provides a programmatic approach to risk reduction with unmatched speed and scale.

About TermScout(TM)

TermScout(TM) is the leading contract intelligence platform that converts complex legal terms into structured, benchmarked contract data and enables independent certification through TrustMark(TM). For more information about TermScout(TM), visit www.TermScout.com.

INACTIVE