Bug bounty and vulnerability disclosure company Bugcrowd announced on Tuesday that it has acquired application security firm Mayhem Security.
Financial terms of the deal have not been disclosed. However, Bugcrowd told SecurityWeek that the acquisition of Mayhem has nearly doubled its valuation.
While there does not appear to be any recent valuation data, Bugcrowd was reportedly valued at over $1 billion after it raised $102 million in February 2024.
Mayhem, previously named ForAllSecure, has raised $36 million. The company has developed AI-powered API security, code security, and dynamic SBOM products, and Bugcrowd says these solutions will enable it to enhance its security testing capabilities.
Mayhem technology will be integrated with Bugcrowd’s human-driven crowdsourced testing to enable organizations to ship secure software by continuously finding and prioritizing vulnerabilities, and validating their remediation.
“By integrating Mayhem’s capabilities into the Bugcrowd Platform, we’re building the industry’s first truly adaptive security platform, enabling customers to anticipate, test, and defend at unprecedented scale,” said Dave Gerry, CEO of Bugcrowd. “This is a strategic step toward realizing our vision of an intelligent, self-learning platform that unites human creativity with machine intelligence, while shrinking customers’ attack surface.”
Bugcrowd last year acquired UK-based external attack surface management and pentesting firm Informer to enhance its offering.
More than 360 mergers and acquisitions have been added this year to SecurityWeek’s cybersecurity M&A tracker. Nearly two dozen of the deals involved application security companies.
Related: CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)
Related: Zscaler Acquires AI Security Company SPLX
Related: Cybersecurity M&A Roundup: 45 Deals Announced in October 2025
Related: Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners
