Company attributes
Other attributes
ForAllSecure is a developer of autonomous cybersecurity tools intended to automatically find and fix vulnerabilities in run-time executable software both in pre-production and once deployed. The company's software uses automated program analysis and artificial intelligence to find and fix these vulnerabilities. And the technology is based on a symbolic execution engine, which works to explore code paths and generate test cases to determine if a given path can trigger an error condition and be exploited.
ForAllSecure was founded in 2012 by CEO David Brumley, Thanassis Avgerinos, and Alexandre Rebert based on technology emerging from a decade of research from Carnegie Mellon University. The company's technology took first place in DARPA's Cyber Grand Challenge in 2016. The tools developed by ForAllSecure have been used by Roblox, CloudFlare, U.S. Department of Defense, Kinjo, Exact Payments, Castle, EasyLMS, Armada Power, Motional, Subspace, Taptoweb, and 42Crunch.
ForAllSecure's original software is the company's Mayhem software, developed with artificial intelligence to automate the testing of code. The software generates test suites capable of producing actionable AppSec results, developed also to be language-neutral to satisfy emerging industry standards. Mayhem is designed to uncover defects that may otherwise go unnoticed, run specific tests to find vulnerabilities under specific loads and in specific working environments, and run the tests autonomously to reduce errors from manual testing. Mayhem also works to check source code to allow users to continue to use open-source code or third-party software and mitigate any potential risk.
The Mayhem software is also a federally recommended software that has been used to secure and reduce or eliminate vulnerabilities in weapon systems under development. It offers the software as well for continuous, automated, and accurate testing for those software platforms after development and adoption and is capable of being used to secure these software systems against adversarial cyber attacks.
ForAllSecure's Mayhem product is developed for API (application programming interface) security, performance, and validation testing. For security, Mayhem identifies defects and vulnerabilities in the API's code. For performance, Mayhem tests the endpoint performance and test scalability to ensure reliability. And for validation and verification, Mayhem works to provide continuous validation and verification of a given API implementation.
