-      This acquisition accelerates Bugcrowd’s vision to unite the hacker community and the power of AI into a single, adaptive security solution that continuously and proactively finds and fixes new and known vulnerabilities across the attack surface.

By : Mohamed Elkholy

Bugcrowd, a leader in crowdsourced cybersecurity, today announced the acquisition of Mayhem Security, a pioneer in AI offensive security founded by some of the world’s most elite hackers, to advance the next generation of humans-in-the-loop, AI-powered security testing. By combining the ingenuity of its global hacker community with Mayhem’s cutting-edge AI platform, Bugcrowd aims to help organizations ship safer software faster, at lower cost, and with greater confidence, while shrinking their attack surface. The terms of the transaction were not disclosed.

Organizations face increasingly complex attack surfaces, driven by rapid software delivery, expanding APIs, and opaque supply chains. Traditional security approaches often detect vulnerabilities only after deployment, leaving exploitable weaknesses in production and exposing businesses to escalating risks from adversaries who operate with increasing speed and sophistication. Addressing these challenges requires a new approach: one that combines the scalability and precision of AI with the contextual insight of human-led testing to deliver security that evolves as fast as the threats it defends against.

The integration of Mayhem’s AI-driven automation with Bugcrowd’s crowdsourced testing redefines how vulnerabilities are discovered and remediated across the software development lifecycle. Customers will gain automated, proactive protection during development through virtually noise-free testing that continuously finds, prioritizes, and validates the remediation of vulnerabilities, seamlessly complemented by Bugcrowd’s proven, human-driven adversarial testing of deployed software by trusted, highly skilled hackers. This marks an industry first, bringing both capabilities together in a unified platform that delivers continuous coverage from development to production. By combining Mayhem’s AI offensive security with Bugcrowd’s trusted crowdsourced expertise, organizations can continuously reduce their attack surface, eliminate risky code and dependencies, and keep pace with modern adversaries.

“I’m thrilled to welcome Mayhem Security to the Bugcrowd team,” said Dave Gerry, CEO of Bugcrowd. “This acquisition represents another milestone in our mission to transform the way organizations approach cybersecurity by combining the collective ingenuity of our global hacker community with the machine speed and precision of AI offensive security testing. By integrating Mayhem’s capabilities into the Bugcrowd Platform, we’re building the industry’s first truly adaptive security platform, enabling customers to anticipate, test, and defend at unprecedented scale. This is a strategic step toward realizing our vision of a self-learning platform that unites human creativity with machine intelligence, while shrinking customers' attack surface.”

Mayhem Security was founded by Dr. David Brumley and Dr. Thanassis Avgerinos, two world-renowned cybersecurity innovators who each hold a PhD from Carnegie Mellon University. United by a vision to transform how organizations find and fix vulnerabilities, they’ve built a platform that blends deep academic research with real-world impact. The company made history in 2016 by winning the DARPA Cyber Grand Challenge with an autonomous system capable of discovering, diagnosing, and repairing software flaws in real time, later earning the first-ever DEF CON Black Badge awarded to a non-human competitor. Today, Mayhem’s AI offensive platform delivers continuous security testing across APIs, code, and Software Bill of Materials (SBOM), and provides Reinforcement Learning environments for builders of foundational LLM models.

Mayhem Security currently delivers:

API Security—Replaces biased and cumbersome manual methods with continuous, automated penetration testing to find, validate, and fix API vulnerabilities with 100% accuracy.

Code Security—Enables customers to ship or deploy secure code faster and at a lower cost compared to noisy, time-consuming manual testing.

Dynamic SBOM—Simplifies and accelerates time-to-compliance by profiling runtime applications and automatically identifying and removing risky third-party dependencies and unused code.

Reinforcement Learning—Trains agents to carry out actions and solve problems by learning to run, break, and pass tests in real software.

“For over a decade, we’ve built technology that thinks and learns like an attacker to autonomously find new vulnerabilities. Joining forces with Bugcrowd amplifies that mission by combining AI-driven automation with the creativity and expertise of the global hacker community. Together, we’re redefining modern security testing, helping organizations preempt risk, close vulnerabilities faster, and eliminate zero-day threats.” Dr. David Brumley, CEO of Mayhem Security

Bugcrowd’s acquisition of Mayhem Security marks a strategic evolution in how cybersecurity drives enterprise growth,” said Navin Maharaj, Senior Director at KDT. “As software development accelerates and attack surfaces expand, integrated platforms like Bugcrowd’s are uniquely positioned to lead. This move strengthens their market presence and amplifies their ability to deliver long-term value across the enterprise landscape.”

“Bugcrowd continues to push the boundaries in modernizing cybersecurity, and the acquisition of Mayhem Security is a testament to that mission,” said Jeff Hinck, Co-Founder and Managing Director, Rally Ventures. “By integrating AI-driven offensive security capabilities with its trusted hacker community, Bugcrowd is delivering a solution that’s not only adaptive but anticipatory and preemptive, helping organizations stay ahead of threats rather than just react to them.”

"We believe Mayhem’s breakthrough technology and visionary leadership have consistently pushed the boundaries of what’s possible in cybersecurity,” said Aaron Jacobson, Partner, NEA. “We’re excited to see this next chapter unfold with Bugcrowd, as they bring together automation and human insight to deliver a truly differentiated solution for today’s evolving threat landscape."

"The future of cybersecurity lies at the intersection of human creativity and machine intelligence,” said Mark Crane, Partner, General Catalyst. “The addition of Mayhem’s autonomous capabilities strengthens Bugcrowd’s position as a driving force in crowdsourced security. We’re proud to support a team that’s building the next generation of AI-powered, human-in-the-loop security testing.”