How to Integrate Mayhem for API Into Your CircleCI Pipeline

James Kessler
November 3, 2022

If you are using CircleCI for your build pipelines, you can now scan your APIs by adding our official orb. This orb downloads the latest version of Mayhem and scans your API. Failures are recorded as JUnit results, which can be stored in CircleCI using the store_test_results step.

We recommend using this to ensure no security vulnerabilities or crashes are present before merging code into your default branch.

Adding the Mayhem for API Orb

version: 2.1
orbs:
  mapi: forallsecure/mapi@1.0.0

Create a new job that starts your service, then call the `mapi/scan` command to run Mayhem against it.

jobs:
  mayhem-for-api:
    machine:
      image: ubuntu-2204:2022.07.1
    steps:
      # Start your service
      - run:
          command: start-service.sh &
      # Scan your API with Mayhem for API
      - mapi/scan:
          api-url: "http://localhost:8000"
          api-spec: "https://demo-api.mayhem4api.forallsecure.com/api/v3/openapi.json"
      - store_artifacts:
          path: /tmp/mapi
      - store_test_results:
          path: /tmp/mapi/junit.xml

Then add the new job to your workflow.

workflows:
  tests-and-security:
    jobs:
      - mayhem-for-api

Mayhem will now fuzz your API, report failures as test results, and ensure your code is and remains secure.
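To triage the stored report outside the CircleCI UI, the script below summarizes a JUnit file such as /tmp/mapi/junit.xml and returns a non-zero status when it contains findings. It is an added example, not part of the orb or of Mayhem; it assumes the report follows the common JUnit XML layout (testsuite, testcase, failure, error), and the sample report and the function names are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample in the common JUnit XML layout; not real Mayhem output.
SAMPLE_JUNIT = """<testsuites>
  <testsuite name="constructed-api-scan" tests="3">
    <testcase classname="GET /pets/{id}" name="internal-server-error">
      <failure message="HTTP 500 returned">constructed detail</failure>
    </testcase>
    <testcase classname="POST /pets" name="request-timeout">
      <error message="no response within deadline"/>
    </testcase>
    <testcase classname="GET /pets" name="baseline"/>
  </testsuite>
</testsuites>
"""


def summarize_junit(xml_text):
    """Return (total_cases, findings); a finding is a failed or errored case."""
    root = ET.fromstring(xml_text)
    findings, total = [], 0
    # iter() walks the whole tree, so a <testsuites> root and a bare
    # <testsuite> root are both handled.
    for case in root.iter("testcase"):
        total += 1
        for kind in ("failure", "error"):
            node = case.find(kind)
            if node is not None:
                findings.append({
                    "kind": kind,
                    "endpoint": case.get("classname", ""),
                    "name": case.get("name", ""),
                    "message": node.get("message", ""),
                })
                break  # count each test case once
    return total, findings


def gate(xml_text):
    """Exit status for a CI step: 0 when clean, 1 when any finding exists."""
    total, findings = summarize_junit(xml_text)
    for f in findings:
        print(f"[{f['kind']}] {f['endpoint']} :: {f['name']}: {f['message']}")
    print(f"{len(findings)} finding(s) in {total} test case(s)")
    return 1 if findings else 0


if __name__ == "__main__":
    # With a path argument, read that report; otherwise use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_JUNIT
    sys.exit(gate(text))
```
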




You can find more documentation on Mayhem continuous integration here.
