Cobalt.io Pricing Overview

Cobalt.io Pricing Explorer

Cobalt.io Pricing Explorer

Cobalt.io Pricing Explorer

Compare pentest plans, estimate credits needed, and benchmark against HackerOne, Bugcrowd & Synack.

Start Free Trial
Start Free Trial

Annual Credit Estimator

Plan:
Web Apps:
API Tests / yr:
Mobile / yr:

Estimated annual spend: —

Key Takeaways

  • Credits-based pricing – 1 credit ≈ 1 day of testing
  • Typical web app pentest: 15–25 credits
  • API pentest: 10–18 credits
  • Annual plans: 100–1,000+ credits/yr
  • Pro includes retests & SLA
  • Fastest-growing modern PtaaS platform

Plans & Credits (2025)

PlanStarting CreditsPrice per CreditBest for
Core100+$320–$450Startups, occasional tests
Pro250+$280–$380Most SaaS & fintech
Enterprise500+$220–$320High-velocity, compliance-heavy

Competitor Comparison (400 credits/yr)

Credits per year:
PlatformEffective $/creditEst. Annual CostNotes
CobaltBest SLA, fastest retests
HackerOne~$420More expensive, broader scope
Bugcrowd~$390Strong bug bounty focus
Synack~$550+Premium vetted researchers

Gotchas

  • Credits expire after 12 months
  • Complex scopes can burn 30–50+ credits
  • Retests cost extra on Core plan
  • Minimum annual commitment on Pro+

Average Ratings

G2 Rating: 4.7 / 5 (680+ reviews)

Capterra: 4.8 / 5 (210+ reviews)

Based on verified reviews as of Dec 2025.

Common Complaints

  • Credits feel expensive for small startups
  • Occasional triage delays on Core
  • Reporting templates less customizable

Common Praises

  • Fastest findings delivery (often
  • Excellent platform & Jira integration
  • Unlimited retests on Pro/Enterprise

Cobalt Plans & Credit Pricing (2025)

PlanCredits IncludedPrice per CreditIncluded Features
Core100–249$320–$450Standard testing, limited retests
Pro250–749$280–$380Unlimited retests, SLA, priority
Enterprise750+$220–$320Dedicated team, custom scopes, API

Volume discounts apply automatically. All plans include platform access and findings triage.

Typical Credit Usage

Asset TypeTypical CreditsNotes
Small Web App10–15Single domain, limited auth
Medium Web App18–25Multiple roles, OAuth
Large/Complex App30–50+Microservices, heavy APIs
REST/GraphQL API10–18Per endpoint count
Mobile App (iOS/Android)15–25Per platform
Retest (Pro+)FreeUnlimited within 90 days

Optimization Tips

  • Bundle multiple small apps into one test to save credits
  • Upgrade to Pro at ~250 credits/yr for free retests
  • Schedule quarterly tests instead of ad-hoc
  • Use Cobalt’s Jira integration to auto-close findings
  • Negotiate hard at 500+ credits — discounts are common