Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

What’s New: August 2024

We’ve improved import/export capabilities, refined our analysis of Windows targets, and launched the first iteration of automated defect tracking.

Why Automotive Developers Shouldn't Overlook Application Fuzzing

This blog post will explore why application fuzzing is important and how it can complement protocol fuzzing in automotive development.

How to Test Embedded Systems Security Easily with Mayhem

In this blog post, we will demonstrate how Mayhem can be used to easily set up fuzzing campaigns in embedded systems, using IoTGoat’s dnsmasq as an example.

Lessons from Today’s CrowdStrike Outage: How to Navigate Software Release Challenges

Let’s talk about the challenges of delivering global scale software and the things engineering teams can do to improve reliability.

Meet the Mayhem Team at Blackhat 2024

We’re excited to announce that Mayhem will be attending and will have a booth at Black Hat 2024. We look forward to connecting with you!

The Hacker Mind Podcast

The Hacker Mind Podcast: Digital Forensics

So you’ve been hit with ransomware and, for whatever reason, you paid the bitcoin but now the decryptor doesn’t work. Who are you going to call for help? Paula Januszkiewicz, from Cqure , joins The Hacker Mind to discuss her two presentations at SecTor 2021 on digital forensics.

No items found.

10 Gifts for the Developer in Your Life

Are you looking for the perfect gift for the developer or engineer in your life? Look no further than these top ten gift ideas for the holidays!

The Hacker Mind Podcast

The Hacker Mind Podcast: Hacking Behavioral Biometrics

AI is almost good enough at simulating human activity to defeat the biometric systems designed to fight fraud, effectively putting us back at square one. Iain Paterson and Justin Macorin join The Hacker Mind podcast to share insights from their SecTor 2021 talk on hacking behavioral biometrics.

Code Security

Why Fuzz Testing Is Indispensable: Jarkko Lamsa

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. In that conversation, one analyst shared that companies that implement fuzz testing programs never rip them out. Why? They’re just too valuable.

Code Security

Jeff Moss on the Evolution of Hacking at SecTor 2021

Jeff Moss, CSO ICANN and founder of DEF CON/Black Hat, gave the keynote speech at this year's SecTor in Toronto, Ontario, reflecting on the evolution of hacking.

The Hacker Mind Podcast

The Hacker Mind Podcast: Scanning the Internet

Traditional anti-malware research relies on customer systems but what if a particular malware wasn’t on the same platform as your solution software? Marc-Etienne M.Léveillé from ESET joins The Hacker Mind podcast to talk about the challenges of building his own internet scanner to scan for elusive malware.

Mayhem Tips

API Security

Securing Your APIs

In the age of SaaS applications and infrastructure, many architectures are designed around being API-first for managing data ingestion and retrieval. Unfortunately, with this ever increasing critical infrastructure most application testing solutions are not up to the challenge of testing APIs.

The Hacker Mind Podcast

The Hacker Mind Podcast: The Hunt for Ghost #1

Ghost #1 was a digital film projector that should have stayed blacklisted but due to a unique software flaw it continued to produce pirated films. Patrick Von Sychowski from the Celluloid Junkie joins the Hacker Mind podcast to discuss his SecTor 2021 talk on Ghost #1.

Mayhem Makers

Why ForAllSecure Is A 2021 SINET16 Winner

I am proud to announce that ForAllSecure is a 2021 SINET16 Innovation Award winner.

Fancy some inbox Mayhem?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.