Mayhem Blog

DevSecOps is the expansion of DevOps that includes security professionals as well. The idea is for everyone to be looking at the code together, rather than in silos. This will produce the most robust and resilient software with the least amount of time and cost.

The acceleration of application development has shown no sign of stopping. As a result, we’re seeing increasingly complex, interconnected software. These forces are driving organizations to go beyond merely identifying common security errors or protecting against common attack techniques.

The Application Security Testing market is highly fragmented. From SAST to DAST to SCA to IAST to RASP, what is the best? Our answer: Autonomous testing through fuzz testing and symbolic execution.

In this blog, we’ll walk through the spectrum of risk and the types of solutions that are strongest at addressing each risks.

Unlike in the movies, computers probably won't lead the human race to its demise. In fact, they may do the opposite.

On February 12, 2021, ForAllSecure CEO Dr. David Brumley joined Cloudflare’s Head of Product Security, Evan Johnson, to discuss all things software security, fuzz testing, capture-the-flags (CTFs), and cybersecurity certifications.

As we look into the new year, we see three trends emerging for the new year for application security.

Cyber offense and defense isn’t chess. It’s a game of poker. In chess, you have complete visibility into your opponent’s position and moves. In poker, you lack that visibility, which also happens in the cyber realm.

Incorporating machine learning into your autonomous netsec strategy? Think again. ForAllSecure CEO David Brumley shares the realities and limitations of ML for autonomous security, as well as the criteria to keep in mind for implementing autonomous security into your organization.