Mayhem Blog

Last month Guido Vranken hosted a successful Reddit AMA , sharing insight on his experience as a professional vulnerability researcher.

Mel Llaguno raises six challenges to Static Application Security Testing (SAST) analysis, raising questions on the efficacy of SAST for organizations focused on immediate benefits.

Learn about the quality assurance technique that uncovers coding errors and security loopholes during software vulnerability testing and assurance processes.

Fuzz testing is an effective technique for uncovering serious defects in software. From the Heartbleed vulnerability in 2014 to the infamous Jeep Cherokee hacking in 2015, fuzz testing is the technique that has made many high-profile discoveries possible. Consistently, fuzzing is proven to be a powerful tool for ensuring the ...

ForAllSecure researcher, Guido Vranken, uncovers critical memory issue in cereal, a common component within automotive software.

ForAllSecure Engineer, Tyler Nighswander, uncovers vulnerabilities in two popular cryptographic libraries, MatrixSSL and WolfSSL, utilizing Mayhem, a next-generation fuzzer.

Six months ago ForAllSecure started analyzing Docker images. What does this mean? Imagine we have a user who wants us to fuzz their application. How do they give it to us? Do they tar it up? Do they give us access to an environment where it’s running?

On April 24, ForAllSecure CEO David Brumley joins Decipher Security host, Dennis Fisher, to talk about the importance of software security as well as the need for better cooperation between developers and security teams.

ForAllSecure Researcher, Mark Griffin, introduces viewers to automated coverage analysis, a workflow that helps users gain additional value from fuzzing.