Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

Eliminate Hours of AppSec Triage with Mayhem’s Dynamic SBOM Generation and SCA Validation

Today we’re excited to announce the newest set of features in Mayhem: dynamic SBOM generation and SCA validation.

The Hacker Mind: Hacking Visual Studio Code Extensions

Rather than use backdoor exploits, attackers are stealing credentials going through the front door - sometimes from the tools we trust.

The Hacker Mind Podcast: Ghost Token

What if an OAUTH access token wasn’t deleted? This could expose databases to bad actors.

Code Security

Common Mayhem CWE Finds: Reachable Assertion

In this blog post series, we're diving into Mayhem's top common weaknesses enumeration (CWE) finds. This post discusses the reachable assertion.

Mayhem Makers

Hacker’s Guide to Summer 2023: Volume 1

Hacker Summer Camp is only weeks away! In this blog post, we'll cover what it is, how you can prepare, what you should pack, top things to do in Vegas, and more.

Mayhem Makers

Mayhem Makers: Sheldon Warkentin, Senior Software Architect

“Mayhem Makers” is a Q&A series dedicated to our growing company. For this month’s profile, we talked with Sheldon Warkentin, Senior Software Architect.

API Security

Testing gRPC Endpoints: How to Test API Endpoints for Vulnerabilities

This blog post discusses how to find security vulnerabilities in API endpoints and tips for remediation, with step-by-step guidance on testing gRPC endpoints.

The Hacker Mind Podcast

The Hacker Mind Podcast: Hacking .Mil And Other TLD Domains (Ethically)

One could hack into a military, a foreign government, or even global commercial web services domain using flaws in the underlying architecture. Fredrik Nordberg Almroth, co-founder of Detectify, talks about how he did just that.

API Security

How to Run a New API Project With Mayhem in 5 Easy Steps

In this blog post, we will walk you through the process of running an API project using Mayhem.

Code Security

How to Run a New Code Project With Mayhem in 5 Easy Steps

In this blog post, we will walk you through the process of launching a new code project using Mayhem.

Mayhem Tips

Get Started Using Mayhem in 5 Minutes or Less

In this blog post, we will show you how to get started using Mayhem in five minutes or less.

Code Security

Best Practices for Secure Programming in Rust

Rust's memory safety and type system help prevent entire classes of vulnerabilities, but that doesn't mean Rust's code is impervious to security issues. Learn some best practices and recommendations for secure application development in Rust.

Add a Little Mayhem to Your Inbox

Subscribe to our weekly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Mayhem Blog

Eliminate Hours of AppSec Triage with Mayhem’s Dynamic SBOM Generation and SCA Validation

The Hacker Mind: Hacking Visual Studio Code Extensions

The Hacker Mind Podcast: Ghost Token

Common Mayhem CWE Finds: Reachable Assertion

Hacker’s Guide to Summer 2023: Volume 1

Mayhem Makers: Sheldon Warkentin, Senior Software Architect

Testing gRPC Endpoints: How to Test API Endpoints for Vulnerabilities

The Hacker Mind Podcast: Hacking .Mil And Other TLD Domains (Ethically)

How to Run a New API Project With Mayhem in 5 Easy Steps

How to Run a New Code Project With Mayhem in 5 Easy Steps

Get Started Using Mayhem in 5 Minutes or Less

Best Practices for Secure Programming in Rust

Add a Little Mayhem to Your Inbox

Add Mayhem to Your DevSecOps for Free.