Mayhem for Code

Bleeding-edge defense requires bleeding-edge testing

From 2012 to 2017, the Department of Defense found vulnerabilities in nearly all critical weapon systems under development. Mayhem for Code is a federally-recommended security solution for continuous, automated, accurate testing.

Security is About Getting Ahead of Attackers

Developmental testing

Static analysis techniques produce high false-positive rates, slowing development momentum and wasting precious expertise on manual defect validation.

Operational testing

Software composition analysis takes a reactive approach, scanning only for known vulnerabilities in third-party code.

Mayhem for Code Outpaces Attackers

  • Patented technology from a decade of research at Carnegie Mellon University
  • Analyzes target feedback to autonomously generate test cases on-the-fly
  • Scales scarce security resources, allowing them to focus on strategic, not tactical, initiatives
  • Accurate and precise fuzzing that uncovers defects with zero false-positives
  • Detailed and actionable results for efficient remediation
  • Development teams are enabled to focus on what they do best: code
  • Mayhem for Code was developed with a federal-first mindset, allowing for on-prem deployments on completely isolated networks
  • Obtain control and flexibility for operational testing
  • Stop inheriting risk from your software supply chain
  • Mayhem for Code acquires knowledge about its targets to autonomously deepen its analysis and expand its code coverage
  • Explore unknown or uncommon attack patterns, commonly leveraged by adversaries, to uncover deep defects

John S. McCain National Defense Act

H.R. 5515—516—SEC 1657

The National Defense Act calls for a report on the enhancement of software security for critical systems, recommending binary analysis and symbolic execution tools developed under the Cyber Grand Challenge of the Defense Advanced Research Projects Agency.

Mayhem Resources