Branching Best Practices with Mayhem

Josh Thorngren
November 16, 2022
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

A scenario many of our customers encounter early on when using Mayhem is how to account for branches.

While there’s no “one size fits all” approach, there are a few best practices the ForAllSecure team recommends to ensure that you’re not duplicating efforts, slowing down deployment with testing, or leaving parts of your application unprotected.

Let Mayhem Automatically Manage Test Creation

When incorporating a feature branch into main, you might be changing application functionality significantly or just making a minor tweak. Part of the challenge of testing at this stage is knowing how to test the code from both branches once it's integrated.

Many teams build additional unit tests at this stage or wait until this point to run behavioral tests. Either way, there’s an increased burden on developers with every merge. Because Mayhem generates and performs thousands of tests with each run, this approach doesn’t make sense. Mayhem tests your application as a whole—first party and third party code alike.

If you test on a branch then merge it into main, Mayhem will automatically create new test cases that are more appropriate for the updated application and prune test cases that are no longer necessary or redundant. Mayhem’s algorithms are tuned to always increase coverage so you’re not at risk of losing protection when merging. Keep an eye on Mayhem’s coverage reports to see this in action. 

Take Advantage of Mayhem’s Continuous Testing

Because Mayhem is self-learning and dynamic, the number of test cases are infinite. By enabling Mayhem’s continuous testing, you ensure that all available testing resources are active, constantly generating new test cases and finding new defects against your applications and APIs.

This improves your overall coverage and delivers even stronger protection for your applications. The average Mayhem user sees a 3x increase in defects found after enabling continuous testing. This gives you extra assurance that once your branches are merged, Mayhem will continuously expand coverage and verify how newly introduced code interacts with existing code at runtime. 

By leveraging this extra capacity against your main branch, you’re able to build in a second layer of application security—providing continuous, automated testing for production reliability and security. It’s the “shift right” of Mayhem’s DevSecOps approach.

Share this post

Add a Little Mayhem to Your Inbox

Subscribe to our weekly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Add Mayhem to Your DevSecOps for Free.

Get a full-featured 30 day free trial.

Complete API Security in 5 Minutes

Get started with Mayhem today for fast, comprehensive, API security. 

Get Mayhem

Maximize Code Coverage in Minutes

Mayhem is an award-winning AI that autonomously finds new exploitable bugs and improves your test suites.

Get Mayhem