PALO ALTO, Calif., July 28, 2021 /PRNewswire/ -- ForAllSecure, a pioneer in autonomous application security, announced today the newest addition to its product portfolio, Mayhem for API. Up and running in just five minutes, Mayhem for API is an easy-to-use API testing solution that maintains an organization's velocity by combining API performance, reliability and security results through continuous testing practices. Reinforced by OWASP's Top 10 Web Application Security Risks, Mayhem for API uses fuzz testing to secure APIs from SQL injections, command injections, authentication bypasses, server side request forgeries, and DoS attacks.
In a recent study, 83% of organizations consider API integration a critical part of their business strategy, driven by digital transformation initiatives and cloud application adoption. As organizations adopt these strategies to deliver faster value to customers, there has been an exponential reliance on microservices. This has led to greater diligence on validating API performance, reliability, and security. APIs that are broken, exposed, or hacked can expose sensitive data. Gartner predicts that API attacks will become the most frequent vector for cyberattacks by 2022.
"APIs are a critical part of Roblox's modern application architecture, and we wanted a single solution that would conduct unit testing, regression testing, and non-deterministic testing. Mayhem for API delivered on that," said Rob Cameron, Senior Technical Director at Roblox.
Mayhem for API brings fuzzing automation technology and ease of use to the realm of API testing, allowing developers to find those hard-to-expose defects that only fuzzers are built to find and other API testing tools are not equipped to provide. Unlike other API testing tools, Mayhem for API uses random testing to incrementally build test cases that explore the API's behaviors, and exercise edge cases in the code.
"Mayhem for API was designed with simplicity in mind," said Alex Rebert, Head of Innovation at ForAllSecure. "We're seeing users find bugs in their APIs about 5 minutes after downloading the tool. Once they see that value, our focus on simplicity allows them to apply the tool organization-wide within days."
About ForAllSecure ForAllSecure was founded on the mission to make the world's software secure. Utilizing patented technology from a decade of research at Carnegie Mellon University, ForAllSecure delivers an advanced fuzz testing solution. Fortune 1000 companies in aerospace, automotive, and high-tech partner with ForAllSecure for scalable, autonomous security testing that keeps pace with increasing development speeds and deployment frequencies. DARPA deemed ForAllSecure the winner in the Cyber Grand Challenge, and MIT Technology Review named ForAllSecure in the 50 Smartest Companies list. To learn more about how to efficiently and effectively secure mission critical software, please visit www.forallsecure.com