Miron Livny Speaks at WIN
There were roughly 40 attendees who offered many questions on the general topic of cybersecurity and how the SWAMP will play a role in improving software security.
Josh is the front-end security lead for Red Hat. By front-end he means all the things that make Red Hat software more secure BEFORE it leaves the door. That includes developer education related to secure coding practices (really just getting started here), as well as manual and automated analysis.
After the lunch, Josh spent a bit of time with the MIR SWAMP team and the UW’s Jim Kupsch, discussing broad ways in which Red Hat and SWAMP could potentially collaborate including:
- Development, sharing and dissemination of secure coding practice educational materials
- Sponsoring or contributing to open source SWA tool development
- Using SWAMP for some of their ‘front end’ security operations
Josh also mentioned a Fedora project called Firehose – An Interchange Format for Static Code Analysis Results – a capability we are interested in supporting in SWAMP.