Sales Deck
Messaging
Mostly Objections
Playbook
Pot Luck
100

Name 4 compliances we help our customers achieve.

  1. HIPAA

  2. PCI

  3. SOC-2

  4. Crest

  5. others?

100

Someone malicious who attempts to gain unauthorized access or information by exploiting vulnerabilities is known as a: A. Hacker, B. Attacker, C. Malicious Actor, D. Adversary

B. Attacker

100

Objection: "We don’t have budget for a subscription-based pen test service."

You’ll be surprised at how inexpensive a Cobalt program is compared to the traditional consultancies.

100

______ is a clearly defined series of pen tests designed to systematically identify and remediate vulnerabilities in one or more assets or asset groups.

Pen test Program

100

Who led Cobalt's $29M Series B round of funding?

Highland Europe

200


Cobalt's 3 key value props are Test ______ , Remediate ___________ , and Make Security __________ .


Faster, Smarter, Stronger

200

"The _________ is designed to walk users through all the critical steps to create a thorough pen test brief in a simple and efficient manner. It also allows teams to be very responsive to urgent requests coming from the product teams and spin up pen test programs on short notice."

Pen test Wizard

200


_______________ makes it easier to transfer knowledge from a previous pen test to an upcoming one with a click of a button. This feature reduces security teams’ manual workload and allows for faster pen test launch in as little as 5 clicks.


Pen Test Copy

200

______ combines a SaaS platform with an exclusive community of testers, so you can deliver real-time insights to remediate quickly and innovate securely.

PTaaS

200

Who is our Event Marketing Manager for SMB?

Sara Sousa

300

Why is the traditional pen testing model ineffective?

It simply doesn't scale.

300

"Our ____________ helps you gain transparency into the pen test process with a checklist showing test progress and coverage of OWASP ASVS methodology, as well as custom checklists based on vendor best practices."

Coverage Checklist

300

What does "OWASP" stand for?

Open Web Application Security Project

300

What are the 3 stages on the Maturity Spectrum?

Immature, Maturing, Mature

300

Name the 4 Cobalt Founders.

Jacob Hansen, Jakob Storm, Christian Hansen, Esben Friis-Jensen

400

Name 3 of 4 components of fast and frequent pen testing.

  1. Plan

  2. Source

  3. Test

  4. Fix

400

Name this value prop: “By seamlessly integrating our platform into your security and development tools and workflows, our pen testers collaborate with your team to prioritize and remediate quickly.”

Remediate Risk Smarter

400

Objection: "I don’t know if I can trust contract pen testers."

"Let me show you our VETTING process. We verify each tester’s skills and certifications, execute NDAs, background checks, etc. Only 5% of applicants are accepted."

400

Name one pain point of the Economic Decision Maker.

  1. Increased pressure from customers to keep their data safe

  2. Lack of understandable data (too technical)

  3. Not easily convinced of ROI of IT spending

  4. Responsible for all strategic initiatives

400

Who is Cobalt's Chief Product Officer?

Eric Brinkman

500

Name 2 of the benefits of “Insights” in the platform.

  1. Gauge performance over time

  2. Translate security risk into business risk

  3. Know where to focus resources

500

Name this value prop: “Mature your security program through a scalable, data-driven approach to pentesting”

Make Security Stronger

500

Objection: "We don't need pen testing. We already use a scanner."

Scanners help fill in some of the gaps, but to ensure complete coverage, MANUAL pen testing can truly VALIDATE your vulnerabilities and gauge the risk.

500

Name one pain point of the Technical Decision Maker.

  1. Customer Security Requests

  2. Compliance Needs

  3. Resource Constraints (time and talent)

  4. Security Program Immaturity

500

Who won the "Security Expert of the Year" Award last week at Cyber Defense Magazine's Global InfoSec Awards?

Caroline Wong

600

Name 2 of the 4 reasons that legacy pen testing is complicated.

1. Planning in Excel

2. Sourcing local consultants

3. Results delivered in .pdf

4. Manually log issues in Jira

600

What is the Cobalt tagline?

Modern pentesting for security and development teams.

600

Objection: "We can only select a pen test vendor that can stay on pace with our demanding SDLC and release cycles."

With our subscription CREDIT-BASED MODEL, we make it easy to stay on pace with your SDLC/release cycle. We will help license the right amount of credits into your “credit bank” so that you can easily start a pen test with us with only 24 HOURS' NOTICE.

600

Name 2 of our 3 Customer-facing resources

Thought Leadership, Case Studies, Platform Content

600

What was Cobalt's original name?

CloudCurity