Bugcrowd buys Mayhem Security to boost AI automation

Bugcrowd has acquired Mayhem Security, a company specialising in AI-powered offensive security testing founded by leading cybersecurity experts.

The acquisition marks a significant step toward merging human creativity with artificial intelligence to create a more adaptive and proactive approach to cybersecurity. The financial terms of the transaction were not disclosed.

The acquisition is aimed at developing a next-generation security testing platform that combines Bugcrowd’s global hacker community with Mayhem Security’s autonomous AI technology. Together, the two companies plan to help organisations ship safer software faster and at a lower cost, while reducing their overall attack surface. The integration seeks to close the gap between human-led and automated security testing, allowing for faster identification and remediation of vulnerabilities across software development and production environments.

Bugcrowd, founded in 2012, operates one of the world’s leading crowdsourced security platforms, connecting organisations with ethical hackers to identify and fix vulnerabilities before adversaries can exploit them. Its services help enterprises enhance security resilience across their digital ecosystems, providing access to an extensive network of trusted researchers and vulnerability testing solutions.

Mayhem Security, founded by Dr. David Brumley and Dr. Thanassis Avgerinos, is recognised for its pioneering AI-driven offensive security platform. The company gained prominence after winning the DARPA Cyber Grand Challenge in 2016 with an autonomous system capable of detecting and repairing software flaws in real time—an achievement that also earned it the first-ever DEF CON Black Badge for a non-human competitor. The firm’s AI technology supports continuous security testing across APIs, codebases, and Software Bills of Materials (SBOMs), as well as reinforcement learning environments for LLM model builders.

By merging Mayhem’s automation with Bugcrowd’s human-led expertise, the unified platform will provide continuous coverage from development to production. The integration aims to deliver proactive, virtually noise-free testing that identifies, prioritises, and validates vulnerabilities automatically, complemented by manual testing from Bugcrowd’s trusted hacker community. This approach represents an industry-first model for adaptive, self-learning security platforms capable of defending against modern threats at scale.

Bugcrowd CEO Dave Gerry said, “I’m thrilled to welcome Mayhem Security to the Bugcrowd team. This acquisition represents another milestone in our mission to transform the way organisations approach cybersecurity by combining the collective ingenuity of our global hacker community with the machine speed and precision of AI offensive security testing. By integrating Mayhem’s capabilities into the Bugcrowd Platform, we’re building the industry’s first truly adaptive security platform, enabling customers to anticipate, test, and defend at unprecedented scale. This is a strategic step toward realising our vision of a self-learning platform that unites human creativity with machine intelligence, while shrinking customers’ attack surface.”

Mayhem Security CEO Dr. David Brumley, who will now serve as chief AI and science officer at Bugcrowd, said, “For over a decade, we’ve built technology that thinks and learns like an attacker to autonomously find new vulnerabilities. Joining forces with Bugcrowd amplifies that mission by combining AI-driven automation with the creativity and expertise of the global hacker community. Together, we’re redefining modern security testing, helping organisations preempt risk, close vulnerabilities faster, and eliminate zero-day threats.”

Navin Maharaj, senior director at KDT, said, “Bugcrowd’s acquisition of Mayhem Security marks a strategic evolution in how cybersecurity drives enterprise growth. As software development accelerates and attack surfaces expand, integrated platforms like Bugcrowd’s are uniquely positioned to lead. This move strengthens their market presence and amplifies their ability to deliver long-term value across the enterprise landscape.”

Jeff Hinck, co-founder and managing director of Rally Ventures, added, “Bugcrowd continues to push the boundaries in modernising cybersecurity, and the acquisition of Mayhem Security is a testament to that mission. By integrating AI-driven offensive security capabilities with its trusted hacker community, Bugcrowd is delivering a solution that’s not only adaptive but anticipatory and preemptive, helping organisations stay ahead of threats rather than just react to them.”

Copyright © 2025 RegTech Analyst
