Mayhem Blog
Expert insights and tips on application security, API security, and other DevSecOps topics.
Why Non-Functional Testing is Equally Important to Functional Testing
With functional testing, there’s a finite number of ways that a feature can be used. With non-functional testing, there’s an infinite number of possibilities. Fuzz testing is an effective solution for addressing those non-functional testing challenges.
The Hacker Mind Podcast: Hunting The Next Heartbleed
For two years, Heartbleed was a zero-day in OpenSSL until fuzz testing exposed it. How many others are in the wild now? And how will we find the next one? In this episode I talk about how Heartbleed (CVE-2014-0160) was found and also interview Rauli Kaksonen.
The Hacker Mind Podcast: Bug Bounty Hunters
You’ve probably heard of bug bounties. But did you know there’s an elite group of bug bounty hunters that travel the world? Meet Stok; he’s one of them. In this episode, Stok talks about his beginnings in enterprise security and his transition into the top tier of bug bounty hunters.
The Hacker Mind Podcast: Hacking Voting Systems
While digital voting systems are more secure today, what about the larger ecosystem, starting from the moment you register until your vote is counted? Who’s keeping those systems secure? In this episode of The Hacker Mind, Dr. Jared DeMott of VDA Labs talks about his work securing voter registration.
The Hacker Mind Podcast: Hacking the Chrome Sandbox
No matter how strong we build our browsers, that does not prevent hackers from trying to break new things. In this episode, a security researcher explains how he successfully escaped the Chrome sandbox, and how bug bounties are perhaps a good thing, resulting in better security for us all.