Mayhem Blog

In this "lunch and learn" style webinar, presenter Lakshmia Ferba guides you through the realm of secure by design principles.

In this webinar, you will gain valuable insights into thinking like a hacker. These methods will empower you to protect your organization and digital assets.

With Google’s recent decision to change the lock icon, I’ve been spending a lot of time thinking about TLS/SSL - and certificate transparency in general. In this blog post, I’ll explore both how Certificate Transparency is helpful and the downsides, including the way it shares users' information and the rise of beg bounties.

There are a lot of options for software security testing tools. How do you know which ones are right for you? In this blog post, I'm going to cover a simple two-step process that will allow you to pick the best software security tool for your organization.

Do the benefits of “shift left” justify the extra workload placed on development teams? Learn how to integrate security efficiently.

The word “hacker” is all too often associated with criminal activities. This association, however, does a disservice to the legitimately curious hackers, including students, academics and researchers who work to identify and patch vulnerabilities.

I was recently challenged to come up with the best methods you can use in 2023 to make the systems you are developing more secure. I realized it boils down to one thing: automating offense as part of your defensive security program.

What will cyber offense start doing this year, and how can you prepare? I’m David Brumley, CEO of ForAllSecure, and here are my top three predictions for offense in 2023.

In this blog post, we’ll take a deeper look at the NIST guidance for software development. In particular, we’ll look at PW 8.2 in NIST 800-218.