Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

Top 3 Takeaways: “Cloudflare TV’s Hacker Time”

On February 12, 2021, ForAllSecure CEO Dr. David Brumley joined Cloudflare’s Head of Product Security, Evan Johnson, to discuss all things software security, fuzz testing, capture-the-flags (CTFs), and cybersecurity certifications.
Mayhem for API ❤️ GitHub Code Scanning: Seamless DevSecOps for your REST APIs

Our CLI runs on your dev machine and can scan local APIs. The central tool to develop software as a team is a Source Code Management system like GitHub.
The Hacker Mind Podcast: Hacking Diversity

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. For many, though, that isn’t true. That’s why Tennisha Martin founded Black Girls Hack.
Testing Postman APIs with Fuzzing

Postman Collections are a great way to document, test, and share your APIs. With Mayhem for API, you can squeeze even more testing out of your existing Postman collections.
The Hidden Cost of A 500 Internal Server Error

API fuzzing is a technique where a comprehensive suite of inputs is generated to test an API. By using fuzzing techniques to generate inputs and observing the response from the application, an API fuzzer can quickly iterate through multitudes of test cases to find weaknesses in an API’s functionality or security.
Creating ForAllSecure’s Culture During A Pandemic

With one year of remote work under our belt, it’s a good time to look back on what we have accomplished in the People space here at ForAllSecure.
P.S. I Love You: The One (Mayhem)

The To All The Tools I’ve Loved Before series reaffirmed that there’s true love still out there. How are Your Apps and Mayhem doing, you ask? Find out in this sequel and final installment.
The Hacker Mind: Shellshock

Shortly after OpenSSL’s Heartbleed, Shellshock was discovered lurking in two-decade-old Bash code. How could open source software be vulnerable for so long? This episode looks at how open source projects have for the most part gone untested over time.
Why You Need Test and Evaluation (T&E)

In part three of the series, I will discuss the role of test and evaluation in your organization.
