Bugcrowd significantly expanded its security testing portfolio by acquiring Mayhem Security, a company specializing in artificial intelligence-enabled offensive security tools. This strategic move directly addresses the growing demand within the government contracting sector for faster, more comprehensive vulnerability detection and remediation capabilities.
Integrating AI and Human Ingenuity
The combined entity will immediately launch an AI-powered, human-in-the-loop security testing platform. Bugcrowd plans to integrate Mayhem’s machine-speed automation with the collective ingenuity and expertise of its global hacker community.
This integration will provide organizations with continuous security coverage throughout the entire software lifecycle, moving from development and testing straight into production.
Bugcrowd CEO Dave Gerry emphasized the strategic importance of the acquisition, stating that combining AI-driven automation with human-led creativity marks a major milestone in transforming how organizations approach cybersecurity.
The platform’s core goal is to help organizations ship secure software more efficiently while significantly reducing their overall attack surface before deployment.
A Heritage of Autonomous Security
Mayhem Security brings a strong foundation of innovation to Bugcrowd, rooted in groundbreaking research. Researchers David Brumley and Thanassis Avgerinos, from Carnegie Mellon University, founded the company.
The team first gained widespread recognition after winning the prestigious Defense Advanced Research Projects Agency's (DARPA) Cyber Grand Challenge in 2016. In this competition, Mayhem developed an autonomous system capable of discovering and repairing software vulnerabilities in real time.
Mayhem Security CEO David Brumley noted that the company spent over a decade building technology that thinks and learns like a real-world attacker to autonomously find new vulnerabilities.
Joining Bugcrowd amplifies that core mission by perfectly blending the speed and precision of AI automation with the essential human creativity required to find complex, zero-day flaws.
Impact on Government Software Security
For federal agencies and government contractors, the combined platform offers several compelling advantages. Mayhem’s AI-driven platform already delivers automated penetration testing, deep code analysis, and dynamic Software Bill of Materials (SBOM) management capabilities.
By merging these capabilities with Bugcrowd’s vulnerability validation expertise, government programs can achieve faster, more accurate detection of flaws in critical systems.
This move streamlines the process of securing software, allowing federal programs to deploy mission-critical applications more quickly and with higher assurance, ultimately strengthening the national security posture against increasingly sophisticated cyber threats.







