In the News


No results for the selected filters.

May 17, 2021

ForAllSecure Named Winner of the Global InfoSec Awards during RSA Conference 2021

SAN FRANCISCO, May 17, 2021 /PRNewswire/ -- ForAllSecure, Inc., a pioneer in autonomous application security, today announced it won Publisher's Choice in Applic...

September 28, 2021

ForAllSecure Named SINET16 Award Winner

Company's Flagship Product, Mayhem for Code, Enables Organizations to Test Software at Machine Speed and Scale

July 28, 2021

ForAllSecure Launches Automated API Security Solution that Can Start Detecting Bugs in Five Minutes

Ridiculously easy-to-use, Mayhem for API provides developers with security, reliability, and performance data before code gets deployed, enabling them to build an...

June 10, 2021

Why API Quality Is Top Priority for Developers

It is no secret that web APIs have become increasingly important to the operation of modern businesses. According to RapidAPI’s Developer Survey and Insights repo...

April 12, 2021

Why Automated Testing of APIs is Critical for Your Business

APIs have taken a foundational role in our society. They power communications, trade and even logistics at the heart of our economy. The API economy is continuing...

October 16, 2020

Fuzzing (fuzz testing) tutorial: What it is and how can it improve application security?

Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what Fuzzing is and how companies can use it to improve application...

May 13, 2021

Want To Prevent Another SolarWinds? Start With Developers

It already seems like a lifetime ago that the hack of the Orion network management software by SolarWinds consumed the attention of the media, lawmakers and the f...

May 05, 2021

Debating Law Enforcement's Role in the Fight Against Cybercrime

The FBI's action to remove Web shells from compromised Microsoft Exchange Servers sparks a broader discussion about officials' response to cyberattacks.

April 19, 2021

The FBI removed hacker backdoors from vulnerable Microsoft Exchange servers. Not everyone likes the idea

A court order allowed the FBI to enter networks of businesses to remove web shells used by cyber attackers exploiting Exchange vulnerabilities. But what does this...

April 16, 2021

Industry Reactions to FBI Cleaning Up Hacked Exchange Servers: Feedback Friday

U.S. authorities revealed this week that the FBI executed a court-authorized cyber operation to remove malicious web shells from hundreds of compromised Microsoft...

March 13, 2021

America isn't in a cyberwar with Russia and China — it's actually the most sophisticated spy game in human history. And the US is much stronger than it looks.

At universities in China, former military officers teach students to hack into US defense contractors – and give them bounties.

March 05, 2021

SolarWinds: "IT's Pearl Harbor."

What do SolarWinds, Fidelis, FireEye, Microsoft, Mimecast, Palo Alto Networks, and Qualys all have in common? Each and everyone were victims of the SolarWinds sof...

February 23, 2021

The Cybersecurity 202 Network: Connecting cybersecurity experts across government and industry in an ongoing survey.

The Network is a group of high-level digital security experts from across government, the private sector and security research community invited by The Washington...

February 22, 2021

Chinese Hacking Group 'Cloned' NSA Exploit Tool - Researchers: 'Jian' Hacking Tool Targeted Zero-Day Flaw in Windows

A Chinese hacking group reportedly "cloned" and deployed a zero-day exploit developed by the U.S. National Security Agency's Equation Group before Microsoft patch...

January 30, 2021

Data Privacy Day 2021: Aftermath - Part 3

Data privacy has drastically changed in the past year. Massive regulation fines were served and privacy culture rapidly evolved during the COVID-19 pandemic. We a...

January 22, 2021

How Cybersecurity Newbs Can Start Out on the Right Foot

Cybersecurity experts share their savvy tips and useful resources for infosec hopefuls.

January 19, 2021

Security and reliability become one for APIs in 2021

Reliability -- especially for APIs -- is growing because our reliance on APIs is growing, while at the same time how we develop software has changed. Modern softw...

December 21, 2020

81 startups that will boom in 2021, according to the startup experts: venture capitalists

2021 is fast approaching, and the startup market is red-hot as VCs fight harder than ever before to get into deals. It's a stunning transformation from the begin...

November 16, 2020

ForAllSecure Expands Leadership Team to Address Demand for Advanced Fuzz Testing Solution

Industry Veterans from Carbon Black, Zscaler, and Dropbox Join ForAllSecure to Help Companies Secure Mission-critical Software.

November 15, 2020

Developer security is booming as hack-prevention starts earlier than ever: Here are the 25 startups you need to know in this red-hot space

One of the hottest segments in the booming cybersecurity industry is developer security

November 12, 2020

ForAllSecure 2021 Predictions: DevSecOps Trends to Expect

The acceleration of application development has shown no sign of stopping. The result is increasingly complex, interconnected software. These forces are driving o...

November 10, 2020

TechStrong TV - Alex Rebert, Head of Innovation & Co-Founder at ForAllSecure

Alex Rebert of ForAllSecure joins Mitch Ashley for this episode of Digital Anarchist's TechStrong TV

November 10, 2020

Why I’m Not Sold on Autonomous Security

Maybe you’ve heard about a new security product with super-smart AI and Machine Learning capabilities that can root out both known and unknown intrusions. The Int...

November 03, 2020

ForAllSecure Announces First FinTech Customer

Marqeta selects ForAllSecure's fuzz testing security solution to proactively secure API code base. ForAllSecure, a pioneer in automated application security, anno...

October 27, 2020

ForAllSecure Makes Moves into FinTech with Marqeta, a Global Modern Card Issuing Platform

Marqeta selects ForAllSecure's fuzz testing security solution to proactively secure API code base.

October 15, 2020

ForAllSecure Presents The Hacker Mind, a Podcast Dedicated to Decoding the Way Hackers Think

ForAllSecure announced a new bi-weekly podcast The Hacker Mind that uses storytelling to share a new perspective on the practice of hacking. Available on Apple, G...

August 29, 2020

Why The CyberLEAP Act Must Pass

Government employees need training on cybersecurity to ensure our elections, our financial institutions, and even our search for a vaccine are secure.

August 19, 2020

Fuzzing Services Help Push Technology into DevOps Pipeline

As part of a continuous testing approach, fuzzing has evolved to provide in-depth code checks for unknown vulnerabilities before deployment.

August 04, 2020

Cloudflare Selects ForAllSecure to Bring Increased Application Security to its DevOps Pipeline

Advanced fuzz testing solution proactively ensures continuous and secure service to Cloudflare customers.

July 29, 2020

DevSecOps Tutorial

Dr. David Brumley, a professor at Carnegie Mellon University and CEO of ForAllSecure, explains what DevSecOps is and how companies can use it to improve security.

June 01, 2020

Mayhem Hunts Software Bugs For The Pentagon

Mayhem emerged from a 2016 government-sponsored contest at a Las Vegas casino hotel. Now it's used by the military—and Cloudflare.

May 11, 2020

ForAllSecure Awarded $45 Million Contract to Deploy Mayhem Across Branches of U.S. Department of Defense

ForAllSecure awarded a $45 million contract to deploy their 2016 DARPA Cyber Grand Challenging winning technology, Mayhem, across branches of the U.S. Department ...

April 24, 2020

Decipher Security Podcast: David Brumley

David Brumley, professor of electrical and computer engineering at Carnegie Mellon University and CEO of ForAllSecure, joins Dennis Fisher to talk about the impor...

April 01, 2020

OpenWrt is Vulnerable to Remote Code Execution Attacks

For three years, router firmware OpenWrt has been vulnerable to remote code execution attacks.

April 01, 2020

Millions of routers running OpenWRT vulnerable to attack

A vulnerability (CVE-2020-7982) discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and...

April 01, 2020

3-Year-Old RCE Bug Puts Millions Of OpenWRT Devices At Risk

OpenWRT is one of the most popular open-source operating systems powering millions of routers and other devices all over the world. A security researcher has foun...

March 31, 2020

Patch now! Critical flaw found in OpenWrt router software

OpenWrt is an open source operating system used by millions of home and small business routers and embedded devices.

March 31, 2020

OpenWrt code-execution bug puts millions of devices at risk

A partial fix mitigates the risk, but the lack of encryption and other weaknesses remain.

March 30, 2020

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

ForAllSecure cybersecurity researcher, Guido Vranken, uncovers a critical vulnerability in OpenWRT RCE, affecting millions of OpenWRT-based network devices.

March 30, 2020

You know all those stories of leaky cloud buckets taken offline? Well, some may still be there, just badly hidden

OpenWrt pushes update due to vulnerability allowing man-in-the-middle meddling.

March 30, 2020

The Cybersecurity 202: Cybersecurity experts slam child protection bill that risks rolling back encryption

A strong majority of The Cybersecurity 202 Network experts say the EARN IT Act is a bad idea.

March 26, 2020

OpenWrt vulnerability puts routers and other embedded devices at risk

ForAllSecure uncovers a vulnerability in OpenWrt's opkg fork that could have been exploited for the remote execution of arbitrary code.

March 26, 2020

Remote Code Execution Vulnerability Patched in OpenWrt

ForAllSecure uncovers a vulnerability in OpenWrt's opkg fork that could have been exploited for the remote execution of arbitrary code.

March 03, 2020

Entrepreneurs Drive Cybersecurity's Future at RSA Conference

Securing DevOps and SaaS, and managing the human element were dominant trends at Innovation Sandbox, the annual startup competition at RSA 2020 Conference.

February 28, 2020

20 Vendors Making News at RSA Conference 2020

From new startups to established companies, a range of new and updated cybersecurity technologies were announced at RSA Conference 2020.

February 27, 2020

Ars Technicast special edition, part 3: Putting AI to work defending your stuff

In the third and final installation of our podcast mini-series on artificial intelligence, produced in association with Darktrace, we delve into the realm of AI f...

February 25, 2020

#RSAC Innovation Sandbox Crowns Latest and Greatest New Vendors

The annual winner of the Most Innovative Startup is named...

February 19, 2020

Spotlight Podcast: How Machine Learning is revolutionizing Application Fuzzing

ForAllSecure CEO David Brumley talks about application “fuzzing” and how advancements in machine learning technology are allowing security researchers to find mor...

February 06, 2020

RSAC Sets Finalists for Innovation Sandbox

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

February 04, 2020

Fuzzit: Building Fuzzing into Continuous Integration Workflow

Far from new, fuzzing is experiencing a resurgence amid the complexity of delivering software faster — especially in the cloud.

December 04, 2019

Java and JavaScript dominated software development in the 2010

ForAllSecure co-founder, Alex Rebert, weighs in on the need for improved security around memory unsafe languages like C and C++.

November 14, 2019

Demystifying a Docker image

ForAllSecure engineer, Marlies Ruck, unveils open source tool, Rootfs Builder, to help eliminate the friction between development and security teams, especially a...

November 08, 2019

Analyzing Matio and STB_VORBIS Libraries With Mayhem

ForAllSecure researcher, Max Koo, uncovers multiple vulnerabilities while taking a look under the hood of Matio and STB-VORBIS.

November 07, 2019

Amazon Kindle, Embedded Devices Open to Code-Execution

ForAllSecure discovers flaws in Das U-Boot affect third-party hardware that uses the universal bootloader as an underlying component.

October 25, 2019

NBC's Press:Here - ForAllSecure CEO David Brumley

ForAllSecure CEO David Brumley appears on NBC's Press:Here to discuss the industry's challenges around slow responses to vulnerability management.

October 08, 2019

Developers: Fuzzing, Symbolic Execution with Regressive Testing Offers App Resilience

Securing your apps can be done through the combination of two advanced techniques -- fuzz testing and symbolic execution -- that offer effective regression testing.

October 07, 2019

Autonomy and the death of CVEs

ForAllSecure CEO David Brumley aims to answer the question: is the manual process of reporting bugs holding back the advent of automated tools?

September 18, 2019

Spotlight Podcast: Security Automation is (and isn't) the Future of Infosec

ForAllSecure CEO talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is ...

September 11, 2019

Beginning Fuzz Cycle Automation

ForAllSecure researcher, Mark Griffin, shares how users can write better harnesses that can be used for fuzz testing campaigns.

September 09, 2019

Netflix bug lets attackers crash your television

ForAllSecure researchers uncover vulnerability that affects software preinstalled on many TVs.

August 30, 2019

CISO priorities: Implementing security from the get-go

Dr. David Brumley, CEO of ForAllSecure, has spent 15 years working on technology that would help users identify vulnerable software. Brumley shares how CISOs can ...

August 28, 2019

Why I'm not sold on machine learning in autonomous security

ForAllSecure CEO David Brumley shares hard realities on the limitations of machine learning in autonomous netsec.

August 20, 2019

Startup Creates Application Security Tools to Scale

An exec from ForAllSecure, who was part of the team that won DARPA’s Cyber Grand Challenge, sheds light on the use of autonomous technology in cybersecurity.

August 13, 2019

Moving on Up: Ready for Your Apps to Live in the Cloud?

Among the complications: traditional security tools work poorly or not at all in the cloud, and if a company screws up, the whole Internet will know.

July 15, 2019

DevOps Chat: Mayhem Testing with ForAllSecure

Secure software depends on people finding vulnerabilities and deploying fixes before they are exploited in the wild. This has lead to a world of security research...

May 09, 2019

How Much Testing Is Enough?

ForAllSecure researcher, Mark Griffin, aims to answer the frequently asked question: "is that enough testing, or should we do more?"

April 20, 2017

AI-powered cybersecurity bot from Pittsburgh firm lands at Smithsonian

Museums are often catalogs of the past. But a new exhibit at the Smithsonian’s National Museum of American History will showcase the possible future of cybersecu...

January 10, 2017

Will AI Technology Usher In a Wave of Security Threats?

Hackers may be able to use machine learning to create a new generation of autonomous attackers, but artificial intelligence can also be used in cyberdefense.

August 30, 2016

Cyber War: How hackers are threatening everything from your bank account to the nation's secrets.

In a room, deep inside a Las Vegas hotel, the world's best hackers are gathering. "You have to go into a backroom... there you're going to find about a dozen tea...

August 19, 2016

Hacking and AI: Moral Panic vs. Real Problems

It’s probably a little too early to be worrying about Skynet.

August 05, 2016

Rise of the hacking machines

Will computers get better at cybersecurity than humans? Experts hope the answer is yes.

August 02, 2016

Seven automated hacking systems will compete for a $2 million prize on Thursday

The final stage of DARPA's Cyber Grand Challenge is coming to Defcon