ForAllSecure said today that it will contribute $2 million to improve the security of open source software (OSS). The firm also announced that a free version of its flagship game, Mayhem, will be available. Mayhem, the winner of the DARPA Cyber Grand Challenge and a Smithsonian Institution AI display, will now be available for free to anyone incorporating the product into any GitHub project.
Although open source software is mission-critical, it is chronically under-tested in terms of security. OSS developers, according to the Linux Foundation, want free security assessments and security incorporated into their continuous integration pipelines. With its Mayhem Heroes program, ForAllSecure is donating up to $2 million to help satisfy these demands. Anyone who successfully integrates Mayhem into a qualifying OSS GitHub project will be awarded $1,000.
“We’re on a mission to automatically find and fix the world’s exploitable bugs before attackers can succeed. OSS developers need help, and don’t have access to the tools they need to quickly and easily find vulnerabilities,” said David Brumley, Chief Executive Officer and co-founder of ForAllSecure. “Our Mayhem Heroes program democratizes software security testing, will make tens of thousands of OSS projects safer, and ultimately impact the security of systems used by everyone around the world.”
Mayhem for Code and Mayhem for API, both versions of the Mayhem security tools, are now available for personal use for free. Mayhem focuses on developer productivity by removing false positives encountered in existing security testing tools, improving reliability testing, and preventing security regressions. Mayhem’s unique algorithms were developed at Carnegie Mellon University and were rated groundbreaking in the Cyber Grand Challenge by the US Defense Advanced Research Projects Agency.