Tool integration

Cobalt Integration Guide

Pentest-as-a-Service platform with a public REST API v2 for findings, assets, and pentests

Get a Free API Key

Integrate Cobalt with Vulnetix. Use the Cobalt REST API v2 to pull pentest findings across your assets and engagements, then upload to Vulnetix.

SaaS platformJSONCSV

Run Cobalt in CI

Scan on every push and upload the results to Vulnetix:

- name: Export Cobalt findings
  env:
    COBALT_TOKEN: ${{ secrets.COBALT_TOKEN }}
    COBALT_ORG: ${{ secrets.COBALT_ORG }}
  run: |
    curl -s "https://api.us.cobalt.io/findings"       -H "Accept: application/vnd.cobalt.v2+json"       -H "Authorization: Bearer $COBALT_TOKEN"       -H "X-Org-Token: $COBALT_ORG" | jq '.data' > cobalt-findings.json

- name: Upload to Vulnetix
  run: vulnetix upload --file cobalt-findings.json

Centralise Cobalt results in Vulnetix

Upload Cobalt JSON, CSV output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.

Cobalt documentation ↗

Wire Cobalt into your CI/CD pipeline →