Bugcrowd Buying Hacker-Built Mayhem Security

The acquisition can help customers deliver safer software faster at lower cost, Bugcrowd said.

(Bugcrowd CEO Dave Gerry)

Bugcrowd, a provider of crowdsourced cybersecurity, announced Tuesday that it has acquired Mayhem Security (formerly ForAllSecure), which offers application and AI-powered security testing.

The move would combine Mayhem’s AI automation with Bugcrowd’s crowdsourced testing platform. Financial terms of the deal were not disclosed.

The integration gives customers AI-backed “automated, proactive protection” during the software development lifecycle.

Mayhem Security’s platform offers API and code security testing, SBOM (Software Bill of Materials), and reinforced learning (RL) by training AI agents to run, break and pass software security tests.

The acquisition can help organizations deliver safer software faster, at a lower cost, Bugcrowd said in a news release.

Concerns over software developed with inherent vulnerabilities have grown as the software supply chain continues to be an enticing target for bad actors and the threat landscape becomes more ominous with the rise of AI.

Attackers are also increasingly using popular open-source development tools as vehicles for delivering threats.

In September, a cyberattack involving a compromised npm package used by developers to build JavaScripts apps was called the “biggest supply chain attack ever” by some security experts. The targeted npm packages are downloaded 2 billion times per week.

“For over a decade, we’ve built technology that thinks and learns like an attacker to autonomously find new vulnerabilities,” said David Brumley, co-founder and CEO of Mayhem Security, who is now chief AI and science officer at Bugcrowd, in a news release. “Joining forces with Bugcrowd amplifies that mission by combining AI-driven automation with the creativity and expertise of the global hacker community. Together, we’re redefining modern security testing, helping organizations preempt risk, close vulnerabilities faster, and eliminate zero-day threats,” Brumley added.

“I’m thrilled to welcome Mayhem Security to the Bugcrowd team,” said Dave Gerry, CEO of Bugcrowd, in a statement. “This acquisition represents another milestone in our mission to transform the way organizations approach cybersecurity by combining the collective ingenuity of our global hacker community with the machine speed and precision of AI offensive security testing. By integrating Mayhem’s capabilities into the Bugcrowd Platform, we’re building the industry’s first truly adaptive security platform, enabling customers to anticipate, test, and defend at unprecedented scale. This is a strategic step toward realizing our vision of a self-learning platform that unites human creativity with machine intelligence, while shrinking customers' attack surface.”