Software Assurance Marketplace

Welcome to the SWAMP, the Software Assurance Marketplace.

Software is a crucial component of daily living, affecting worldwide economic structures and the services we depend on every day. With the increasing rate of security breaches, it is clear that conventional network security solutions are no longer able to defend our privacy, corporate data, and critical banking information. Today’s applications need to be built more securely at the code level, and that code needs to be tested regularly.

The SWAMP was developed to make it much easier to regularly test the security of these applications and to provide an online laboratory for software assessment tool inventors to build stronger tools. Testing is often complicated and challenging, because comprehensive testing requires the use of several disparate tools with no central means of managing the process. The SWAMP is a no-cost, high-performance, centralized cloud computing platform that includes an array of open-source and commercial software security testing tools, as well as a comprehensive results viewer to simplify vulnerability remediation. A first in the industry, the SWAMP also offers a library of applications with known vulnerabilities, enabling tool developers to improve the effectiveness of their own static and dynamic testing tools. Created to advance the state of cybersecurity, protect critical infrastructures, and improve the resilience of open-source software, the SWAMP integrates security into the software development life cycle and keeps all user activities completely confidential.

Upcoming Events

The SWAMP team will be exhibiting at the following events. If you’re in town, come say hello.

SWAMP and CodeDx will be teaming up for AppSec USA 2016 in Washington, D.C. on October 13-14, 2016. Stop by our booth (G8) to learn more about the power of correlating results from multiple static analysis tools in the SWAMP using the CodeDx viewer!
- Use code “CDDX50US16” for a $50 discount off of your admission