Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

ForAllSecure Brings The Power Of Coverage-Guided Fuzzing To REST APIs With OpenAPI Specs

Today, we are excited to announce the expansion of Mayhem with the addition of a new offering: Mayhem for API, Enterprise Edition.
Why Regression Testing Matters

Regression testing is the practice of re-running functional and non-functional tests to ensure that previously developed and tested software still performs after new code commits are submitted.
The Hacker Mind Podcast: Hacking Healthcare

After breaches like SolarWinds, companies pledge to improve their digital hygiene. What if they don’t? And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec and his years hacking medical devices.
Fuzz Testing ROI Framework

This framework is a model for framing the way you evaluate the economic return of investing in fuzz testing or other comparable solutions. Organizations can also use this framework to help predict which fuzz testing solutions will offer the most value based on organizational needs.
3 AppSec Predictions For 2021

As we look into the new year, we see three trends emerging for application security.
A Holiday Message

Irrespective of what industry you’re in and where you’re located in this world, 2020 has been an eventful year. This post lists a few of ForAllSecure’s 2020 highlights.
Firmware Fuzzing 101

Embedded applications are some of the most prolific software in the world. Whether they run on routers, IoT devices or SCADA systems, they vary widely in architecture, use case, and purpose. Very few of these devices were built with security in mind.
The Hacker Mind Podcast: Hacking OpenWRT

For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and reported the vulnerability. In this episode, Guido Vranken talks about his approach to hacking, about the differences between memory safe and unsafe languages, and more.
18 Gifts for the Fuzzing Pro in Your Life

If you haven’t given much thought to what holiday gift to get the fuzzing pro in your life, fear not! Here is a gift guide inspired by the needs and wants of ForAllSecure’s very own security experts.
