Mayhem Blog

When executing the target in the context of a dynamic analysis, Mayhem employs mechanisms that first identify the root cause of a potential issue and then try to resolve it by intelligently providing different configuration values.

Mayhem for Code helps developers save time by eliminating the need to manually write test cases and comb through false positives, as well as helping find and fix vulnerabilities before software is released.

Mayhem can run on the cloud, but, when you're testing critical/sensitive/confidential code, you can make it more difficult for malicious actors to access Mayhem's findings by deploying it on-prem.

A divide by zero error is typically caused when a program attempts to divide a number by zero. This can happen in mathematical calculations, or when trying to parse data that contains invalid characters.

CWE 248-Uncaught Exception occurs when an exception is not caught by a programming construct or by the programmer. In Java, for example, this would be an unhandled exception that would terminate the program.

Dynamically managed services are a great way to reduce the administrative burden of keeping track of which servers are running which services. However, if these services are not properly controlled, it can lead to security vulnerabilities.

Out-of-bounds reads occur when a program attempts to read data from memory that is outside of the bounds of what it is allowed to access. This can happen when a programmer makes a mistake in their code, or if malicious code is injected into a program.

CWE-400 Uncontrolled Resource Consumption occurs when an application does not properly control the number and/or size of resources that it allocates. When this happens, it can consume too many resources. This can lead to performance degradation, denial-of-service conditions, and resource leaks.

A null pointer dereference is a programming error that can occur when a program attempts to deference a null pointer. This can happen when the programmer mistakenly assumes that a pointer pointing to NULL is actually pointing to a valid object.