ForAllSecure, a leader in modern application security testing, today announced that it is investing $2 million to make open-source software (OSS) more secure. The company also announced that it will offer a free version of its flagship product Mayhem. The winner of the DARPA Cyber Grand Challenge and featured in a Smithsonian Institution AI exhibit, Mayhem will now be free to anyone integrating the product into any project on GitHub.
Open-source software is mission-critical, but its security is severely under-tested. The Linux Foundation reports that OSS developers want help with free security audits and the addition of security to their continuous integration pipeline. ForAllSecure is offering up to $2 million to meet these needs with its Mayhem Heroes program. Anyone who integrates Mayhem into a qualified OSS GitHub project will receive $1,000.
“We’re on a mission to automatically find and fix the world’s exploitable bugs before attackers can succeed. OSS developers need help, and don’t have access to the tools they need to quickly and easily find vulnerabilities,” said David Brumley, Chief Executive Officer and co-founder of ForAllSecure. “Our Mayhem Heroes program democratizes software security testing, will make tens of thousands of OSS projects safer, and ultimately impact the security of systems used by everyone around the world.”
Both versions of the Mayhem security products, Mayhem for Code and Mayhem for API, are now available for free for personal use. Mayhem focuses on developer productivity by eliminating false positives found in other security testing solutions, improves testing for reliability, and prevents security regressions. Mayhem’s patented algorithms were pioneered at Carnegie Mellon University and deemed revolutionary by the U.S. Defense Advanced Research Projects Agency in the Cyber Grand Challenge.