In the News

No results for the selected filters.

Latest
November 16, 2020

ForAllSecure Expands Leadership Team to Address Demand for Advanced Fuzz Testing Solution

Industry Veterans from Carbon Black, Zscaler, and Dropbox Join ForAllSecure to Help Companies Secure Mission-critical Software.

Featured
October 27, 2020

ForAllSecure Makes Moves into FinTech with Marqeta, a Global Modern Card Issuing Platform

Marqeta selects ForAllSecure's fuzz testing security solution to proactively secure API code base.

Featured
October 15, 2020

ForAllSecure Presents The Hacker Mind, a Podcast Dedicated to Decoding the Way Hackers Think

ForAllSecure announced a new bi-weekly podcast The Hacker Mind that uses storytelling to share a new perspective on the practice of hacking. Available on Apple, Google, Spotify, Amazon Mu...

Featured
August 19, 2020

Fuzzing Services Help Push Technology into DevOps Pipeline

As part of a continuous testing approach, fuzzing has evolved to provide in-depth code checks for unknown vulnerabilities before deployment.

Featured
July 29, 2020

DevSecOps Tutorial

Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what DevSecOps is and how companies can use it to improve security.

August 29, 2020

Why The CyberLEAP Act Must Pass

Government employees need training on cybersecurity to ensure our elections, our financial institutions, and even our search for a vaccine are secure.

August 04, 2020

Cloudflare Selects ForAllSecure to Bring Increased Application Security to its DevOps Pipeline

Advanced fuzz testing solution proactively ensures continuous and secure service to Cloudflare customers.

June 01, 2020

Mayhem Hunts Software Bugs For The Pentagon

Mayhem emerged from a 2016 government-sponsored contest at a Las Vegas casino hotel. Now it's used by the military—and Cloudflare.

May 11, 2020

ForAllSecure Awarded $45 Million Contract to Deploy Mayhem Across Branches of U.S. Department of Defense

ForAllSecure awarded a $45 million contract to deploy their 2016 DARPA Cyber Grand Challenging winning technology, Mayhem, across branches of the U.S. Department of Defense.

April 24, 2020

Decipher Security Podcast: David Brumley

David Brumley, professor of electrical and computer engineering at Carnegie Mellon University and CEO of ForAllSecure, joins Dennis Fisher to talk about the importance of software securit...

April 01, 2020

OpenWrt is Vulnerable to Remote Code Execution Attacks

For three years, router firmware OpenWrt has been vulnerable to remote code execution attacks.

April 01, 2020

Millions of routers running OpenWRT vulnerable to attack

A vulnerability (CVE-2020-7982) discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking devices runni...

April 01, 2020

3-Year-Old RCE Bug Puts Millions Of OpenWRT Devices At Risk

OpenWRT is one of the most popular open-source operating systems powering millions of routers and other devices all over the world. A security researcher has found a critical RCE flaw in ...

March 31, 2020

Patch now! Critical flaw found in OpenWrt router software

OpenWrt is an open source operating system used by millions of home and small business routers and embedded devices.

March 31, 2020

OpenWrt code-execution bug puts millions of devices at risk

A partial fix mitigates the risk, but the lack of encryption and other weaknesses remain.

March 30, 2020

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

ForAllSecure cybersecurity researcher, Guido Vranken, uncovers a critical vulnerability in OpenWRT RCE, affecting millions of OpenWRT-based network devices.

March 30, 2020

You know all those stories of leaky cloud buckets taken offline? Well, some may still be there, just badly hidden

OpenWrt pushes update due to vulnerability allowing man-in-the-middle meddling.

March 30, 2020

The Cybersecurity 202: Cybersecurity experts slam child protection bill that risks rolling back encryption

A strong majority of The Cybersecurity 202 Network experts say the EARN IT Act is a bad idea.

March 26, 2020

OpenWrt vulnerability puts routers and other embedded devices at risk

ForAllSecure uncovers a vulnerability in OpenWrt's opkg fork that could have been exploited for the remote execution of arbitrary code.

March 26, 2020

Remote Code Execution Vulnerability Patched in OpenWrt

ForAllSecure uncovers a vulnerability in OpenWrt's opkg fork that could have been exploited for the remote execution of arbitrary code.

March 03, 2020

Entrepreneurs Drive Cybersecurity's Future at RSA Conference

Securing DevOps and SaaS, and managing the human element were dominant trends at Innovation Sandbox, the annual startup competition at RSA 2020 Conference.

February 28, 2020

20 Vendors Making News at RSA Conference 2020

From new startups to established companies, a range of new and updated cybersecurity technologies were announced at RSA Conference 2020.

February 27, 2020

Ars Technicast special edition, part 3: Putting AI to work defending your stuff

In the third and final installation of our podcast mini-series on artificial intelligence, produced in association with Darktrace, we delve into the realm of AI fighting AI—or what resear...

February 25, 2020

#RSAC Innovation Sandbox Crowns Latest and Greatest New Vendors

The annual winner of the Most Innovative Startup is named...

February 19, 2020

Spotlight Podcast: How Machine Learning is revolutionizing Application Fuzzing

ForAllSecure CEO David Brumley talks about application “fuzzing” and how advancements in machine learning technology are allowing security researchers to find more and more serious vulner...

February 06, 2020

RSAC Sets Finalists for Innovation Sandbox

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

February 04, 2020

Fuzzit: Building Fuzzing into Continuous Integration Workflow

Far from new, fuzzing is experiencing a resurgence amid the complexity of delivering software faster — especially in the cloud.

December 04, 2019

Java and JavaScript dominated software development in the 2010

ForAllSecure co-founder, Alex Rebert, weighs in on the need for improved security around memory unsafe languages like C and C++.

November 14, 2019

Demystifying a Docker image

ForAllSecure engineer, Marlies Ruck, unveils open source tool, Rootfs Builder, to help eliminate the friction between development and security teams, especially as organizations look to i...

November 08, 2019

Analyzing Matio and STB_VORBIS Libraries With Mayhem

ForAllSecure researcher, Max Koo, uncovers multiple vulnerabilities while taking a look under the hood of Matio and STB-VORBIS.

November 07, 2019

Amazon Kindle, Embedded Devices Open to Code-Execution

ForAllSecure discovers flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component.

October 25, 2019

NBC's Press:Here - ForAllSecure CEO David Brumley

ForAllSecure CEO David Brumley appears on NBC's Press:Here to discuss the industry's challenges around slow responses to vulnerability management.

October 08, 2019

Developers: Fuzzing, Symbolic Execution with Regressive Testing Offers App Resilience

Securing your apps can be done through the combination of two advanced techniques -- fuzz testing and symbolic execution -- that offer effective regression testing.

October 07, 2019

Autonomy and the death of CVEs

ForAllSecure CEO David Brumley aims to answer the question: is the manual process of reporting bugs holding back the advent of automated tools?

September 18, 2019

Spotlight Podcast: Security Automation is (and isn't) the Future of Infosec

ForAllSecure CEO talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is driving investment in aut...

September 11, 2019

Beginning Fuzz Cycle Automation

ForAllSecure researcher, Mark Griffin, shares how users can write better harnesses that can be used for fuzz testing campaigns.

September 09, 2019

Netflix bug lets attackers crash your television

ForAllSecure researchers uncover vulnerability that affects software preinstalled on many TVs.

August 30, 2019

CISO priorities: Implementing security from the get-go

Dr. David Brumley, CEO of ForAllSecure, has spent 15 years working on technology that would help users identify vulnerable software. Brumley shares how CISOs can implement security from t...

August 28, 2019

Why I'm not sold on machine learning in autonomous security

ForAllSecure CEO David Brumley shares hard realities on the limitations of machine learning in autonomous netsec.

August 20, 2019

Startup Creates Application Security Tools to Scale

An exec from ForAllSecure, who was part of the team that won DARPA’s Cyber Grand Challenge, sheds light on the use of autonomous technology in cybersecurity.

August 13, 2019

Moving on Up: Ready for Your Apps to Live in the Cloud?

Among the complications: traditional security tools work poorly or not at all in the cloud, and if a company screws up, the whole Internet will know.

July 15, 2019

DevOps Chat: Mayhem Testing with ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has lead to a world of security researchers and bug bounties dire...

May 09, 2019

How Much Testing Is Enough?

ForAllSecure researcher, Mark Griffin, aims to answer the frequently asked question: "is that enough testing, or should we do more?"

April 20, 2017

AI-powered cybersecurity bot from Pittsburgh firm lands at Smithsonian

Museums are often catalogs of the past. But a new exhibit at the Smithsonian’s National Museum of American History will showcase the possible future of cybersecurity.

January 10, 2017

Will AI Technology Usher In a Wave of Security Threats?

Hackers may be able to use machine learning to create a new generation of autonomous attackers, but artificial intelligence can also be used in cyberdefense.

August 30, 2016

Cyber War: How hackers are threatening everything from your bank account to the nation's secrets.

In a room, deep inside a Las Vegas hotel, the world's best hackers are gathering. "You have to go into a backroom... there you're going to find about a dozen teams playing against each o...

August 19, 2016

Hacking and AI: Moral Panic vs. Real Problems

It’s probably a little too early to be worrying about Skynet.

August 05, 2016

Rise of the hacking machines

Will computers get better at cybersecurity than humans? Experts hope the answer is yes.

August 02, 2016

Seven automated hacking systems will compete for a $2 million prize on Thursday

The final stage of DARPA's Cyber Grand Challenge is coming to Defcon