Bugcrowd Boosts AI Security with Mayhem Acquisition

Summary
– Bugcrowd has acquired Mayhem Security to advance AI-powered, human-in-the-loop security testing, though the transaction terms were not disclosed.
– Organizations face growing attack surfaces due to rapid software delivery, expanding APIs, and opaque supply chains, exposing them to sophisticated adversaries.
– The integration combines Mayhem’s AI-driven automation with Bugcrowd’s crowdsourced testing to find and remediate vulnerabilities across the software development lifecycle.
– Mayhem Security offers automated services including API security, code security, dynamic SBOM, and reinforcement learning to improve vulnerability detection and compliance.
– This acquisition aims to create an adaptive security platform that unites human creativity with AI to help organizations reduce their attack surface and preempt risks.

Bugcrowd has significantly strengthened its position in the AI security market by acquiring Mayhem Security, a move designed to enhance AI-powered, human-in-the-loop security testing. This strategic acquisition enables organizations to develop and deploy safer software more rapidly, reduce operational costs, and minimize their attack surface with greater confidence. Financial specifics of the deal remain confidential.
Modern enterprises confront increasingly intricate attack surfaces, fueled by accelerated software delivery cycles, the proliferation of APIs, and complex supply chain dependencies. Conventional security methods frequently identify vulnerabilities only after software is already in production, leaving dangerous weaknesses exposed. This delay allows adversaries, who are growing faster and more sophisticated, to exploit these gaps and inflict escalating damage.
To counter these threats effectively, a novel strategy is essential, one that merges the scalability and accuracy of artificial intelligence with the nuanced understanding provided by human experts. This hybrid model ensures that security measures evolve in lockstep with the threats they are designed to neutralize.
The fusion of Mayhem’s AI-driven automation with Bugcrowd’s crowdsourced security testing fundamentally transforms how vulnerabilities are identified and resolved throughout the software development lifecycle. Clients will benefit from automated, proactive protection during the development phase, featuring testing that is virtually free of false positives. This system continuously uncovers, prioritizes, and verifies the remediation of security flaws. It is perfectly complemented by Bugcrowd’s human-led adversarial testing, where trusted, elite hackers evaluate deployed applications.
By uniting Mayhem’s AI offensive security capabilities with Bugcrowd’s global crowd of security researchers, businesses can achieve continuous attack surface reduction. They can systematically eliminate hazardous code and third-party dependencies, ensuring they stay ahead of malicious actors.
Dave Gerry, Bugcrowd’s CEO, remarked, “This acquisition marks a pivotal moment in our quest to revolutionize cybersecurity. We are blending the collective ingenuity of our worldwide hacker network with the speed and precision of AI-driven offensive security testing.”
He added, “Incorporating Mayhem’s technology into the Bugcrowd Platform allows us to create the industry’s premier adaptive security solution. It empowers clients to anticipate risks, conduct testing, and mount defenses on an unprecedented scale. This is a strategic leap toward our vision of a self-learning platform that harmonizes human creativity with machine intelligence, all while shrinking the customer’s attack surface.”
Mayhem Security’s current offerings include:
– API Security: This solution replaces subjective and labor-intensive manual techniques with continuous, automated penetration testing. It detects, confirms, and resolves API vulnerabilities with complete accuracy.
– Code Security: It allows clients to release or implement secure code more swiftly and economically, outperforming traditional manual testing, which is often slow and generates excessive noise.
– Dynamic SBOM: By analyzing runtime applications, this feature streamlines and speeds up compliance efforts. It automatically detects and eliminates risky third-party components and unused code.
– Reinforcement Learning: This technology trains autonomous agents to perform actions and solve challenges by learning to execute, compromise, and pass tests within real software environments.
Dr. David Brumley, CEO of Mayhem Security, stated, “For more than ten years, we’ve developed technology that mimics an attacker’s thought process to independently discover new vulnerabilities. Partnering with Bugcrowd magnifies this mission, merging AI automation with the innovation and skill of the global hacker collective. Together, we are reshaping contemporary security testing, assisting organizations in preempting risks, closing security gaps more quickly, and eliminating zero-day threats.”
Navin Maharaj, Senior Director at KDT, observed, “Bugcrowd’s purchase of Mayhem Security signifies a strategic shift in how cybersecurity fuels business growth. As software development quickens and attack surfaces broaden, integrated platforms like Bugcrowd’s are exceptionally well-placed to take the lead. This action not only solidifies their market standing but also boosts their capacity to provide lasting value throughout the enterprise ecosystem.”
(Source: HelpNet Security)
