Meet Our Mayhem Heroes: Bailey Capuano

Mayhem Team
October 19, 2022
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

During the Spring 2022 semester, ForAllSecure hosted a day-long hackathon at Arizona State University where 181 students participated as part of the Mayhem Heroes program.

Bailey Capuano recognized the value of cybersecurity and joined us for the event. Over the next several weeks, Capuano and the combined groups of ASU students contributed over 300 GitHub Open Source Software integrations for our Mayhem Heroes program.

As part of Phase 1, ForAllSecure has offered up to $2 million to meet these needs with its Mayhem Heroes program. Anyone who agreed to the terms, conditions, and then successfully integrated Mayhem into a qualified OSS GitHub project received $1,000.  Capuano is one of those heroes. Since then, Capuano has graduated with a Master of Science in Computer Science (Cybersecurity). 

“Having participated in the Heroes Community has provided me with a newfound interest in automated software testing, which I would love to keep exploring and learning about.” —Bailey Capuano

How did you first get into software development?

“I took an introduction to web development course in middle school and was immediately hooked. I loved that programming felt like solving a puzzle as opposed to regular homework. From then onwards, I knew I’d want to do software development professionally. I’m always looking for ways to challenge myself, and software development is the perfect opportunity to do just that.”

What brought you to the Heroes program?

“Besides sounding like an amazing opportunity to get paid for writing software, I always wanted an excuse to delve deeper into fuzzing and writing harnesses as I had limited exposure to them from a previous course at school.”

 What is your biggest success with the Heroes program?

“I would say that my biggest success was becoming far more comfortable with fuzzing as a concept and learning how to identify fuzzing targets within large open-sourced libraries. It was an extremely rewarding experience to play a small part in making the software ecosystem a safer place.”

What is the biggest software bug that you’ve identified using Mayhem?

“While I was able to find numerous null-pointer dereferences across a swath of projects that could be used in denial of service attacks, I would say the biggest software bug I found was in a networking library. The Mayhem framework was able to identify a buffer overflow in the project’s functionality that handles UDP packet receipt. This is especially dangerous as this vulnerability could easily be triggered by a remote attacker to leak information.” 

What advice do you have for the new class of Heroes?

“You may get discouraged if you struggle to integrate Mayhem into a project and just can’t get it. Know when to move on to the next target and come back later. Most importantly, remember that your efforts will have a big impact on software security.”

Mayhem Heroes

The Mayhem Heroes program Phase 1 has concluded. Look for an announcement for Phase 2 coming in the Fall of 2022. In the meantime, you can always sign up for a free version of Mayhem.

Share this post

Fancy some inbox Mayhem?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Add Mayhem to Your DevSecOps for Free.

Get a full-featured 30 day free trial.

Complete API Security in 5 Minutes

Get started with Mayhem today for fast, comprehensive, API security. 

Get Mayhem

Maximize Code Coverage in Minutes

Mayhem is an award-winning AI that autonomously finds new exploitable bugs and improves your test suites.

Get Mayhem