Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

What’s New: August 2024

We’ve improved import/export capabilities, refined our analysis of Windows targets, and launched the first iteration of automated defect tracking.

Why Automotive Developers Shouldn't Overlook Application Fuzzing

This blog post will explore why application fuzzing is important and how it can complement protocol fuzzing in automotive development.

How to Test Embedded Systems Security Easily with Mayhem

In this blog post, we will demonstrate how Mayhem can be used to easily set up fuzzing campaigns in embedded systems, using IoTGoat’s dnsmasq as an example.

Lessons from Today’s CrowdStrike Outage: How to Navigate Software Release Challenges

Let’s talk about the challenges of delivering global scale software and the things engineering teams can do to improve reliability.

Meet the Mayhem Team at Blackhat 2024

We’re excited to announce that Mayhem will be attending and will have a booth at Black Hat 2024. We look forward to connecting with you!

3 Steps to Automate Offense to Increase Your Security in 2023

Code Security

Thought Leadership

3 Steps to Automate Offense to Increase Your Security in 2023

I was recently challenged to come up with the best methods you can use in 2023 to make the systems you are developing more secure. I realized it boils down to one thing: automating offense as part of your defensive security program.

Thought Leadership

Top 3 Cyber Predictions in 2023 and How You Can Prepare

What will cyber offense start doing this year, and how can you prepare? I’m David Brumley, CEO of ForAllSecure, and here are my top three predictions for offense in 2023.

Mayhem Makers

Mayhem Makers: Shawn Santos, Director of Sales

This is a Q&A series dedicated to our growing company. For this month’s profile, we talked with Shawn Santos, Director of Sales.

The Hacker Mind Podcast

The Hacker Mind Podcast: Tib3rius

Web application security. OSCP exam. Life as a pen tester.

Mayhem Makers

Looking Back: 6 Things ForAllSecure Accomplished in 2022

As we move into 2023, we are taking some time to look back at our accomplishments and milestones over the previous year.

How Mayhem Fits Into the Federal Guidance for Securing the Software Supply Chain

Mayhem Tips

Thought Leadership

How Mayhem Fits Into the Federal Guidance for Securing the Software Supply Chain

In this blog post, we’ll take a deeper look at the NIST guidance for software development. In particular, we’ll look at PW 8.2 in NIST 800-218.

What does the Federal Guidance on Securing the Software Supply Chain Mean for Developers?

Code Security

Thought Leadership

What does the Federal Guidance on Securing the Software Supply Chain Mean for Developers?

In this blog, we’ll take a look at Part One of the Securing The Software Supply Chain series released by the NSA, the CISA, and the ODNI.

How to Use an HTTP Archive (HAR) With Mayhem

API Security

Mayhem Tips

How to Use an HTTP Archive (HAR) With Mayhem

Learn how to fuzz an API without a specification by recording transactions with the API as an HTTP Archive (.har file).

The Hacker Mind Podcast

The Hacker Mind Podcast: Never Mess With A Hacker

Air travel tips from The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick and Robert Vamosi.

Fancy some inbox Mayhem?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.