Category Archives: Education

SWAMP Is Coming to OSCON 2017!

Are you headed to Austin, TX in May for OSCON 2017? If so, today is the last day to get the “Best Price” on conference passes. Use our discount code, SWAMP25, to save 25% on your admission, and be sure to look out for the Software Assurance Marketplace in Booth #518 at OSCON on May 8-11!

Our team members will be giving several presentations at the conference, as well as demoing the latest enhancements to SWAMP and SWAMP-in-a-Box!

 

SWAMP is on NewsWatch TV!

NewsWatch TV LogoThe SWAMP was just featured on the NewsWatch TV program. Dr. Lethia Jackson from Bowie State University spoke about the benefits that her computer science students have received from using the SWAMP in the classroom. She said, “The students gain an understanding of what is secure coding, but most importantly, their confidence is what they’ve really gained. They feel more confident in programming, period.” Check out the video and more here. And don’t forget to review your code in the SWAMP at https://www.mir-swamp.org/.

SWAMP’s Link to the Development of Fuzzing

Wired LogoThe SWAMP’s Chief Scientist, Bart Miller, was recently interviewed by Andy Greenberg at WIRED regarding his role in the development of fuzzing. “In the world of cybersecurity, fuzzing is the usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target program until one of those permutations reveals a vulnerability.”

At the University of Wisconsin-Madison, Miller and a group of students “created the first purpose-built fuzzing tool to try to exploit that method of haphazardly stumbling into security flaws.” At the time, their paper and methods were criticized, but according to Miller, “Today, if you’re a hacker trying to crack a system, the first thing you do is fuzz test it.”

Read the full article

Bad and Good News About Using Software Assurance Tools

Department of Computer Sciences University of Wisconsin-Madison LogoA team of researchers from the University of Wisconsin-Madison recently published an academic paper sharing the pros and cons of using software assurance tools. They first discuss the process of using a software assurance tool and the challenges that come with it. Then, they evaluate how the SWAMP’s security, automation, access to multiple tools, and unified results viewer reduce the barriers to tool adoption.

Read the full paper

Improving Cybersecurity Education with SWAMP

Bowie State University LogoIn a time when million-dollar security breaches of household name corporations regularly make headlines, computer science undergraduates at America’s universities remain surprisingly underexposed to basic cybersecurity tactics. The Software Assurance Marketplace (SWAMP) has been working to address this skills gap through a unique partnership with Bowie State University in Maryland. The SWAMP offers a rich and accessible suite of software security tools that Bowie State has been integrating into undergraduate coding courses, giving students an efficient way to examine and rid their code of security weaknesses. The partnership offers a national model for integrating cybersecurity into the curriculum.

Read the full article

SWAMP’s Back for OSCON 2016!

The SWAMP will be exhibiting at OSCON 2016, and we’d love to see you there! It will be our first time in Austin, so we’re excited to see lots of new faces and have some exciting SWAMP updates to share. For a discount on your conference pass, use our code below. Then stop by our booth in the expo area on May 17-19!We're Exhibiting. O'Reilly OSCON May 16-19, 2016 Austin, TX

OSCON 2016

Austin, TX – May 16-20 – Booth #518

  • 25% off a 2-day or higher conference pass: SWAMP25
  • Register here

SWAMP Referenced by UW-Madison CIO

University of Wisconsin-Madison Bascom HallBruce Maas, CIO of the University of Wisconsin-Madison, mentioned the SWAMP in today’s article on wisbusiness.com. In reference to increased broadband use for the Internet of Things, he states, “The university’s federally funded SWAMP project (Software Assurance Marketplace) is staffed by leading computer science department faculty who will work with the business community on software code to create greater security for their companies.”

Read the full article

Outcomes from Software Security Discussions in “Dark Reading”

Information Week Dark Reading LogoThe SWAMP, along with several other companies and universities, participated in a recent exploratory working group focused on shaping the future of software security. The goal was to “create a very succinct and concrete plan of real-world actions that are executable today for a more resilient software world.” Four working group sessions, led by industry experts, discussed gaps in assurance tool technologies, labeling software with assurance levels to improve the software supply chain, creating a more orthogonal encyclopedia of software weaknesses than CWEs, and mobility app security threats. Read the full article on Dark Reading for the detailed talking points and takeaways.

Jedi Training for Software in the SWAMP

Luke Skywalker and YodaJust as Luke Skywalker honed his Jedi skills with Yoda on Dagobah, you can strengthen your code with a variety of software analysis tools in the SWAMP! In his article for Security Current, Ed Moyle explains the value that the SWAMP provides to developers and the application security community as a “collaborative, open environment that allows no-cost access to a body of software testing tools, code samples, test-beds, and other resources designed to enable robust application security testing.” Use the SWAMP, you must, for coding wisdom and software security guidance.

“Service Virtualization” Talks with Bart Miller About SWAMP’s Orchestra of Tools

George Lawton from Service Virtualization recently interviewed Bart Miller, Chief Scientist of the SWAMP and computer science professor at University of Wisconsin-Madison. During their Q&A, Miller explained how the SWAMP hosts an orchestra of static analysis tools.

symphony“The commercial tools will run side by side with the open source tools… There is no one tool that covers everything. We are trying to create an environment where you are not as interested in listening to each instrument as to the whole orchestra. We are trying to bring together a merged combined result.”

Read the full article to learn more about the benefits of assessing your code against multiple tools in the SWAMP.

« Older Entries Recent Entries »