Bugcrowd announced its acquisition of Mayhem Security, an AI offensive security pioneer founded by top ethical hackers.
The move aims to combine human expertise with artificial intelligence to deliver faster, more adaptive, and cost-efficient security testing. The value of the deal has not been disclosed.
By acquiring Mayhem Security, Bugcrowd seeks to evolve cybersecurity testing through the integration of human ingenuity and machine precision. The partnership enables organisations to release secure software more rapidly while continuously shrinking their attack surface. The collaboration unites Bugcrowd’s vast community of ethical hackers with Mayhem’s autonomous AI platform to create the first fully adaptive security platform designed for continuous coverage from development through to production.
Bugcrowd, headquartered in San Francisco, operates one of the largest crowdsourced cybersecurity platforms in the world. It connects companies with a global network of vetted ethical hackers who identify and resolve vulnerabilities before they can be exploited. The company is known for enabling proactive, real-world testing through human-led simulations and adversarial insight.
Mayhem Security was founded by Dr. David Brumley and Dr. Thanassis Avgerinos, two renowned cybersecurity researchers from Carnegie Mellon University. Their platform leverages AI-driven automation for offensive security testing, combining academic research with practical applications. Mayhem gained global attention in 2016 after winning the DARPA Cyber Grand Challenge, becoming the first non-human team to earn a DEF CON Black Badge. Today, the company’s AI-powered tools cover API, code, and Software Bill of Materials (SBOM) security, and also provide reinforcement learning environments for foundational model developers.
The integration of Mayhem’s automation capabilities with Bugcrowd’s crowdsourced network represents a major shift in vulnerability management. The unified platform will deliver automated testing during development and augment it with human-led adversarial testing in production, giving customers comprehensive visibility into potential threats. This approach is designed to reduce noise, prioritise vulnerabilities effectively, and accelerate remediation.
Bugcrowd CEO Dave Gerry said, “I’m thrilled to welcome Mayhem Security to the Bugcrowd team. This acquisition represents another milestone in our mission to transform the way organizations approach cybersecurity by combining the collective ingenuity of our global hacker community with the machine speed and precision of AI offensive security testing. By integrating Mayhem’s capabilities into the Bugcrowd Platform, we’re building the industry’s first truly adaptive security platform, enabling customers to anticipate, test, and defend at unprecedented scale. This is a strategic step toward realizing our vision of a self-learning platform that unites human creativity with machine intelligence, while shrinking customers’ attack surface.”
Mayhem Security CEO Dr. David Brumley, now chief AI and science officer at Bugcrowd, said, “For over a decade, we’ve built technology that thinks and learns like an attacker to autonomously find new vulnerabilities. Joining forces with Bugcrowd amplifies that mission by combining AI-driven automation with the creativity and expertise of the global hacker community. Together, we’re redefining modern security testing, helping organizations preempt risk, close vulnerabilities faster, and eliminate zero-day threats.”
Find more on RegTech Analyst.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
