Check out what we’ve been working on over the past month:
Global Navigation — When signing into the platform, users had little visibility of new features and improvements because of the navigation panel’s design. We improved top level navigation controls into a simplified version of side navigation that is customized to each user based on their role. This has also improved visibility of high-level features.
Jira Bi-Directional — As new vulnerabilities are found, so far customers had to manually transfer the finding details to their organization’s workflow tool to pass them on to their engineering teams. Once a fix was ready to be tested, customers then had to go back into the Cobalt platform to notify the pentester for a retest. Naturally, this causes multiple unnecessary steps in the workflow and can delay finding retests.
To streamline the process, we introduced Jira Bi-Directional — customers are now able to configure settings for each pentest to auto-push findings to Jira and sync up their status in both environments. A retest is automatically triggered on the Cobalt platform once developers change the Jira ticket’s status.
Note: While Jira Cloud is available for all customers, Jira Server is still in Beta. If you wish to enroll in the Beta program, please reach out to your Customer Success Manager.
Accepted Risk Reason — During a pentest, customers tend to have a certain rationale for setting findings to “Accepted Risk”. When presenting the pentest report to stakeholders and prospects, users often still need to verbally explain or provide supplemental information as to why the finding is “acceptable”.
Pentest team members can now define a reason in the platform when transitioning a finding’s state to “Accepted Risk”. Reasons will show in the finding’s activity feed and the report.
Note: To export this information, a user must select “Full Report” or “Full Report + Finding Details” as the download option.
A modal will appear when a pentest team member selects “Accepted Risk” from the finding’s state dropdown