Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

What’s New: August 2024

We’ve improved import/export capabilities, refined our analysis of Windows targets, and launched the first iteration of automated defect tracking.

Why Automotive Developers Shouldn't Overlook Application Fuzzing

This blog post will explore why application fuzzing is important and how it can complement protocol fuzzing in automotive development.

How to Test Embedded Systems Security Easily with Mayhem

In this blog post, we will demonstrate how Mayhem can be used to easily set up fuzzing campaigns in embedded systems, using IoTGoat’s dnsmasq as an example.

Lessons from Today’s CrowdStrike Outage: How to Navigate Software Release Challenges

Let’s talk about the challenges of delivering global scale software and the things engineering teams can do to improve reliability.

Meet the Mayhem Team at Blackhat 2024

We’re excited to announce that Mayhem will be attending and will have a booth at Black Hat 2024. We look forward to connecting with you!

The Hacker Mind Podcast

The Hacker Mind: Hacking Visual Studio Code Extensions

Rather than use backdoor exploits, attackers are stealing credentials going through the front door - sometimes from the tools we trust.

The Hacker Mind Podcast

The Hacker Mind Podcast: Ghost Token

What if an OAUTH access token wasn’t deleted? This could expose databases to bad actors.

Mayhem Makers

Mayhem Makers: Patrick Bishop, SVP of Revenue

For this month’s employee profile, we talked with Patrick Bishop, SVP of Revenue, who joined the Mayhem team in September, 2022 and is based out of Boston, MA.

Integrating Mayhem With Simulink: How to Test Simulink Model Using Mayhem

Code Security

Mayhem Tips

Integrating Mayhem With Simulink: How to Test Simulink Model Using Mayhem

In this blog post, we'll explore how Mayhem can be seamlessly integrated with MATLAB's Simulink to create more secure applications.

New in 2.6: Intelligent CVSS Scoring for Unknown Vulnerabilities

Mayhem Tips

Code Security

New in 2.6: Intelligent CVSS Scoring for Unknown Vulnerabilities

In this blog post, I’ll go over what CVSS is and how Mayhem leverages it to prioritize your results.

The Hacker Mind Podcast

The Hacker Mind Podcast: Conducting Incident Response in Costa Rica Post Conti Ransomware

Esteban Jimenez of ATTI Cyber talks about his experience with the reconstruction of the cybersecurity system following the Conti ransomware attack.

Lunch and Learn: The Art of Being Secure by Design

Code Security

Thought Leadership

Lunch and Learn: The Art of Being Secure by Design

In this "lunch and learn" style webinar, presenter Lakshmia Ferba guides you through the realm of secure by design principles.

Code Security

Uncovering a Hidden Shellcode Vulnerability

While experimenting with shellcode from a seemingly functional source, I discovered a hidden vulnerability. It took me a while to spot the problem. Can you?

Mayhem Makers

Mayhem Makers: Ryan Goulden, Engineer

“Mayhem Makers” is an employee Q&A series. This month, we talked with Ryan Goulden, an engineer on the Mayhem team, who joined the company in 2014.

Fancy some inbox Mayhem?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.