ForAllSecure Brings The Power Of Coverage-Guided Fuzzing To REST APIs With OpenAPI Specs

David Brumley
January 20, 2021
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Today, we are excited to announce the expansion of Mayhem with the addition of a new offering: Mayhem for API, Enterprise Edition. As organizations adopt Digital Transformation strategies to deliver faster value to customers, there has been an exponential reliance on microservices. The fundamental role microservices play in optimizing a business’ operations have led to greater diligence on validating API performance and reliability.

Mayhem for API provides developers with reliability and performance data before code gets deployed, enabling them to build quality APIs, faster. “Mayhem for API is bringing automated API testing to delivery pipelines. Every code change is tested automatically before deployment, catching reliability and performance bugs before they find their way into production," says Jeff Whalen, Vice President of Product.

“Our focus is to make it so easy to use that customers can find bugs in their APIs within the first five minutes of using Mayhem for API. We’re bringing the power of coverage-guided fuzzing to REST APIs with OpenAPI specs, without any of the complexity”, says Alex Rebert, Co-Founder and Head of Innovation. Mayhem for API brings fuzzing automation technology to the realm of API testing, allowing developers to find those hard-to-expose defects that only fuzzers are built to find and other API testing tools are not equipped to provide. ForAllSecure delivers compelling capabilities.

Make API testing ridiculously easy-to-use


Built to enable developers, Mayhem for API delivers meaningful testing results within minutes. Automatically test every change to your APIs as part of your build pipelines. Find issues before they cause incidents in production. With Mayhem for API, engineering teams can focus on testing results, not the process of conducting testing.

Get performance and reliability testing in one


Mayhem for API maintains your organization’s velocity by combining API performance and reliability testing in a single solution. Mayhem for API delivers comprehensive coverage without sacrificing velocity, giving operations teams peace of mind.

Eliminate manual testing to move at development speed


The fuzzing engine in Mayhem for API automatically parses the API specification and generates test cases the API will understand. Mayhem for API uses previous tests results to generate new test cases automatically, allowing deeper testing of application logic and providing test coverage of all specified APIs.

Build Reliable APIs.

Find out how ForAllSecure can ensure the quality of your APIs with autonomous fuzz testing.

Free Trial Learn More

Integrate with developer workflows


Mayhem for API relies on dynamic fuzz testing to deliver results based on how the APIs actually behave under test, not through simulation or static code analysis. Trustworthy results eliminate test triage steps and allows developers to focus on writing high quality software.

Get fast, actionable results


Mayhem for API integrates with popular source code management systems to automatically test each pull request and provide testing results directly into the PR for developers to review. Now, developers can immediately act without waiting for teams to conduct testing and communicate results. 

Mayhem for API Enterprise Edition is generally available today. You can request access at the link here. In the coming months, we will press forward in our plans to deliver additional tiers that meet the needs of smaller organizations and teams. 

At ForAllSecure, we are committed to delivering innovative testing solutions that address the demands of modern development trends including CI/CD, DevSecOps, Agile, and more. We’d love to show you what our latest addition to Mayhem can do for you. To schedule personalized 1:1 time with our team of security experts, request a demo here

Share this post

Fancy some inbox Mayhem?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Add Mayhem to Your DevSecOps for Free.

Get a full-featured 30 day free trial.

Complete API Security in 5 Minutes

Get started with Mayhem today for fast, comprehensive, API security. 

Get Mayhem

Maximize Code Coverage in Minutes

Mayhem is an award-winning AI that autonomously finds new exploitable bugs and improves your test suites.

Get Mayhem