Bugcrowd Acquires Mayhem Security To Boost Autonomous App Testing

Key capabilities from Mayhem Security include continuous penetration testing for discovering and fixing vulnerabilities in APIs as well as application code, Bugcrowd says.

Bugcrowd announced the acquisition Tuesday of Mayhem Security, a longtime provider of autonomous application security testing, in a bid to help accelerate vulnerability remediation.

Terms of the acquisition deal weren’t disclosed. Mayhem Security has 11 employees, all of whom are joining crowdsourced security provider Bugcrowd, the vendor told CRN.

Formerly known as ForAllSecure, Mayhem Security was founded in 2012 and has been working to enable faster identification of software vulnerabilities through automation, Co-Founder and CEO David Brumley said in a previous interview.

Key capabilities from Mayhem Security include continuous, automated penetration testing for discovering and fixing vulnerabilities in APIs as well as application code, Bugcrowd said in a news release.

For Bugcrowd, the addition of Mayhem Security’s “AI-driven automation” will enable the crowdsourced cybersecurity platform to deliver the industry’s “first truly adaptive security platform,” Bugcrowd CEO Dave Gerry said in a quote included in the release.

Mayhem Security had raised at least $36 million in funding, with the company — under the former name ForAllSecure — last raising a $21 million Series B round in 2022 led by New Enterprise Associates and Koch Disruptive Technologies.

Prior M&A by Bugcrowd has included the 2024 acquisition of Informer, a veteran provider of external attack surface management capabilities.

In August, Bugcrowd unveiled a new offering, AI Connect, aimed at enabling secure integration of AI systems with the company’s real-time feeds of vulnerability data. Bugcrowd also debuted its new Asset View capability that brings together asset discovery and management with scanning and offensive testing.