Case Study: Surfdome achieves stronger e-commerce security and PCI compliance with Cobalt Penetration Tests

Surfdome - Customer Case Study

Surfdome, Europe’s premier action sports and lifestyle retailer with over 2.5 million annual website visitors, needed a modern security testing approach to protect customer data and support PCI compliance. Head of Technology Jose Pettoruti selected Cobalt and its Agile/Cobalt Penetration Tests to bring web-application threats to light and give Surfdome confidence that their e‑commerce platform was secure.

Cobalt implemented a program of semi‑annual penetration tests — each a two‑week engagement curated by a CISSP with 2–3 technical domain experts — plus Cobalt Central, a collaborative SaaS platform for findings, PoCs, assignments and reporting. The engagement delivered OWASP- and PCI-aligned reports, vulnerability heat maps and faster remediation workflows; as a result Surfdome gained a demonstrable security posture, ongoing PCI support, and an efficient process to track and fix vulnerabilities with Cobalt.

Surfdome

Jose Pettoruti

Head of Technology