By David Gerry, CEO, and Dr. David Brumley, CEO, Co-Founder of Mayhem Security

We are thrilled to announce that Bugcrowd has acquired Mayhem Security, a world-class innovator and pioneer in AI offensive testing. 

This acquisition marks a strategic investment in the power of combining human ingenuity with AI. It underscores Bugcrowd’s continued dedication to advancing cybersecurity innovation for customers and hackers. We are building the industry’s first truly adaptive security platform, enabling our customers to anticipate, test, and defend at unprecedented scale. With Bugcrowd and Mayhem, security teams will truly be able to shrink their attack surface.

Check out our joint interview to learn more about our vision for this acquisition and how uniting human ingenuity with AI will impact our customers.

The problem organizations face today

There is simply no denying the fact that every organization is inherently vulnerable. The attack surface spans multiple clouds, SaaS platforms, and connected devices. It fluctuates at a scale no human can manage, creating noise that makes it almost impossible to assess risk. 

Adversaries are actively engineering AI-accelerated attacks, exploiting an endless supply of known and emerging vulnerabilities and moving laterally across environments at breakneck speed. Defenders barely have any time to react, let alone deflect. 

Security and business leaders are reminded with every breach in the news that playing defense is a losing game. Ultimately, humans alone lack the scale and speed to keep pace with attackers, yet machines and AI lack the creativity and ingenuity to anticipate threat actors and outsmart them. 

Uniting human ingenuity and AI

The answer to this global challenge is a preemptive approach to cybersecurity. This approach combines human ingenuity with machine speed and scale. Ultimately, organizations can’t make human developers scale, but with Bugcrowd and Mayhem, they can teach AI how to act like a developer. 

Security teams need a converged platform for AI and human testing that empowers them to continuously detect known and new vulnerabilities, both pre-release and post-release. Teams need to be able to view, manage, and score all assets for risk in real time, taking action on their attack surface to rapidly close gaps and anticipate where they may appear next. 

With Mayhem, everyone wins

Uniting Bugcrowd with Mayhem is incredibly exciting news for our entire community, from customers to hackers to partners to employees. 

How Bugcrowd customers benefit

Bugcrowd customers can benefit from AI-automated, noise-free testing coverage that extends into their CI/CD lifecycle, helping them ship safer code faster at a lower cost and saving hundreds of developer hours per year. This will complement the Crowd-led testing they do post-release to find critical defects that scanning or traditional testing alone will miss, with some AI-automated testing also done for use cases where scale and speed add value (e.g., continuous pentesting and red-team operations).

All of these benefits complement investments in traditional AppSec solutions, with automated testing that can find both new and known vulnerabilities, with virtually no noise/false positives. In most cases, customers will have use cases for both Mayhem and traditional AppSec in their development life cycle.

How Mayhem customers benefit

Mayhem customers can benefit from Crowd-led testing that finds exploitable flaws in post-release assets that only skilled humans can find, as well as from complete visibility into those assets and their associated risk. This testing ranges from Vulnerability Disclosure Programs to Managed Bug Bounty Programs to Penetration Testing as a Service to Bugcrowd’s newest offering, Red Team as a Service.

How hackers, pentesters, and red teamers benefit

For the Bugcrowd community, this combination will offer a unique opportunity to focus on critical flaws that are out of reach for AI and machines. For example, the additional context produced by continuous AI-led testing will help program owners refine targets and scope in a way that maximizes potential rewards.

Looking forward together

In the near future, accelerated innovation from this combination will unlock new capabilities to serve our customers, including advanced, human-in-the-loop automated pentesting and red teaming that can validate the presence and exploitability of common vulnerabilities in hours instead of days. This will give our hacker community a key role in how agentic testing is planned, executed, and validated.

As we continue to realize our vision of an intelligent, self-learning platform that unites human creativity with machine learning, the opportunities for our customers and hackers are truly endless.

For the full story, view the press release.