Mayhem Blog
Expert insights and tips on application security, API security, and other DevSecOps topics.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
The Hacker Mind Podcast: Fuzzing Crypto
For some people, crypto means cryptography. For others, it means cryptocurrency. Fortunately, in this episode, we’re discussing vulnerabilities in both. Guido Vranken returns to The Hacker Mind to discuss his CryptoFuzz tool on GitHub, as well as his experience fuzzing and finding vulnerabilities in cryptographic libraries and also within cryptocurrencies.
The Hacker Mind Podcast: Going Passwordless
Passwords are everywhere, but they probably weren't intended to be used as much as they are today. Is there something more secure? Something better? Yes. Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today.
The Roles of SAST and DAST and Fuzzing in Application Security
This blog post provides a general overview of the roles and importance of Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) in Application Security Testing (AST), as well as how fuzzing fits into this picture.
The Hacker Mind Podcast: Fuzzing Message Brokers
Fuzzing makes it possible to locate vulnerabilities even in “safe” environments like Erlang, a language designed for high availability and robust services. Jonathan Knudsen from Synopsys joins The Hacker Mind to discuss his presentation at SecTor 2021 on fuzzing message brokers such as RabbitMQ and VerneMQ, both written in Erlang.
Why The Next-Generation Of Application Security Is Needed
From driverless cars to cryptocurrency, software reimagines possibilities. With software standing at the core of everything we do, we find ourselves pushing out code faster than ever. As we continue to accumulate security debt and struggle to solve the cybersecurity workforce shortage, it becomes clear that we’re living on borrowed security time.
5 Steps to Securing Fuzz Testing Budget
Integrating fuzzing as a part of your DevOps pipeline can deliver big results: security and development alignment, shortened feedback and testing cycles, and clear insight into what is -- and isn’t -- being tested. Here’s a tried-and-true 5 step checklist to help you get financial buy-in from your management chain.