PALO ALTO, Calif., Aug. 4, 2020 /PRNewswire/ -- ForAllSecure, Inc., a pioneer in automated application security, announced today that Cloudflare, a security, performance, and reliability company, has integrated ForAllSecure's advanced fuzz testing solution, Mayhem, into its product development pipeline. The Cloudflare security and development teams invested in Mayhem as it provided a proactive approach to software security the DevSecOps lifecycle. Recognizing that software is ever-evolving and its attack surface expanding, Cloudflare required continuous security through advanced fuzz testing and selected Mayhem as the best option for their needs.
"There were two main factors that led us to choose Mayhem as our fuzz testing solution: it's a common platform, making it easy to implement, and it runs autonomously," said David Haynes, Cloudflare security engineer. "Developers can give Mayhem their app and it will autonomously start detecting bugs on its own -- out of the box, no harnessing required. I can set it and forget it. Mayhem will reproduce issues on its own, helping developers quickly and easily fix issues. No other fuzzing platform does that right now."
Building on advanced fuzzing techniques, Mayhem delivers powerful continuous security testing by combining fuzzing with the ingenuity of symbolic execution. Mayhem's unique advantage is in its ability to acquire intelligence of its targets over time. As Mayhem's knowledge grows, it deepens its analysis and maximizes its code coverage.
"Ease-of-use and our users' productivity are top priorities for ForAllSecure. Our aim is to make this powerful technique accessible outside of the academic and security research community," said Jeff Whalen, ForAllSecure's Vice President of Product. "Mayhem integrates directly into development workflows, allowing users to continuously test applications with each code commit. With Mayhem, organizations can deliver true automatic security testing where security runs quietly and asynchronously in the background. Cloudflare is a visionary company which quickly grasped and realized the business and technical benefits of continuous testing with Mayhem."
ForAllSecure recently announced a $45 million contract with the U.S. Department of Defense (DoD) to implement Mayhem across multiple organizations. Mayhem is currently being utilized by the Air Force 96th Cyberspace Test Group, the Air Force 90th Cyberspace Operations Squadron, the Naval Sea Systems Command (NAVSEA), the U.S. Army Command, Control, Communication, Computers, Cyber, Intelligence, Surveillance and Reconnaissance Center (C5ISR), as well as multiple other organizations within the DoD.
ForAllSecure was founded on the mission to make the world's software secure. Utilizing patented technology from a decade of research at Carnegie Mellon University, ForAllSecure delivers an advanced fuzz testing solution. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, autonomous security testing that keeps pace with increasing development speeds and deployment frequencies. DARPA deemed ForAllSecure the winner in the Cyber Grand Challenge, and MIT Technology Review named ForAllSecure in the 50 Smartest Companies list. Efficiently and effectively secure critical software with ForAllSecure.
SOURCE ForAllSecure, Inc.