Mayhem Case Studies

Could the nudges and prompts like those from our Fitbits and Apple watches be effective in enforcing good security behavior as well?

Learn about what the Mayhem team has been up to and our upcoming events planned for June 2023.

With Google’s recent decision to change the lock icon, I’ve been spending a lot of time thinking about TLS/SSL - and certificate transparency in general. In this blog post, I’ll explore both how Certificate Transparency is helpful and the downsides, including the way it shares users' information and the rise of beg bounties.

Say you’re an organization that’s been hit with ransomware. At what point do you need to bring in a ransomware negotiator? Should you pay, should you not? Mark Lance, the VP of DFIR and threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled.

In this blog post, we'll delve into the five essential boxes that your DevSecOps tools need to check.

There are a lot of options for software security testing tools. How do you know which ones are right for you? In this blog post, I'm going to cover a simple two-step process that will allow you to pick the best software security tool for your organization.

Learn what regression testing means, how it affects security, and three reasons why modern teams need regression testing to complement other security testing strategies.

This blog post explores the DevSecOps best practices that development teams can use to ensure that security is ingrained in the development process.

Small to Medium Business are, today, the target of APTs and ransomware. Often they lack the visibility of a SOC. Or even basic low level threat analysis. Chris Gray of Deepwatch talks about the view from the inside of a virtual SOC.