Category Archives: Marketing

Upcoming SWAMP Events

It’s going to be a busy summer and fall for the SWAMP team. We have several events coming up, and we’d like for you to join us!

  • The SWAMP team will be exhibiting at OSCON 2018 in Portland, OR on July 18-19.
    • Register here, and get 25% off of your Gold, Sliver, or Bronze OSCON pass using our discount code, SWAMP25.
  • SWAMP will be at the BlackHat USA 2018 conference on August 8-9. Register here. We will be part of the DHS Science & Technology booth (#1336) and will be giving demos of SWAMP software from the business hall at the following times:
    • Wednesday, August 8 – 12:15-12:30pm & 5:15-5:30pm
    • Thursday, August 9 – 12:15-12:30pm
  • Bart Miller and Elisa Heymann will be teaching a tutorial at the IEEE Cybersecurity Development Conference (SecDev) held on September 30-October 2 in Cambridge, MA. “Secure Coding Practices, Automated Assessment Tools and the SWAMP” is scheduled on September 30 from 1:30pm to 5:00pm (view the agenda).
  • Bart Miller and Elisa Heymann will be presenting at the O’Reilly Velocity conference in London on October 30-November 2. Their session, “Critical Infrastructure Software Security: A Maritime Shipping Study Case,” will be at 1:15–1:55pm on Friday, November 2. Register here.
  • On November 11-12, Bart Miller and Elisa Heymann will be giving a tutorial at Supercomputing 2018 in Dallas, TX. Learn more about security programming and software assurance tools, including hands-on activities in the SWAMP!

Get a discounted conference pass for OSCON 2018!

O'Reilly Open Source Convention in Portland 2018
The SWAMP will be exhibiting at OSCON 2018, and we’d love to meet you in Portland, OR! Next Friday, April 20th, is the last day to get the “Best Price” on conference passes. Use our discount code, SWAMP25, to save 25% on your Gold, Sliver, or Bronze OSCON pass.

Be sure to look out for the Software Assurance Marketplace in Booth #322 on July 18-19! Our team members will be demoing the latest enhancements to SWAMP and SWAMP-in-a-Box!

DevOpsDays Baltimore – SWAMP Discount

If you are going to be in Baltimore, MD on March 21-22 for DevOpsDays Baltimore, stop by to see the SWAMP team! When registering for the conference, use the SWAMP’s discount code SWAMPFRIENDS to save 10% on your registration. The SWAMP team will be providing demos and answering questions about the SWAMP’s open source software, including SWAMP-in-a-Box and SWAMP plug-ins for Eclipse, Jenkins, and Git/Subversion.

Register for DevOpsDays here.

With SWAMP-in-a-Box, Bring Your Own License and Turbo-Charge Software Assurance

FOR IMMEDIATE RELEASE:
February 28, 2018

With SWAMP-in-a-Box, ‘Bring Your Own License’ and turbo-charge software assurance

MADISON, WI–(GlobeNewswire – February 28, 2018) – In the drive to reduce software security flaws, the Software Assurance Marketplace (SWAMP) project has enhanced its portable platform that brings a comprehensive suite of software assurance tools to the programmer’s desktop.

This open-source SWAMP-in-a-Box (SiB) platform now integrates more than 30 tools, both open source and commercial, into a customizable, easy to deploy capability, significantly reducing the barriers to entry for using such tools.

Using multiple tools to regularly scan software is the cornerstone of continuous assurance – the practice of integrating software assurance into the continuous cycle of modern software development. As a continuous assurance platform, SiB facilitates software assessment with multiple assurance tools. The new “Bring Your Own License” model allows organizations to integrate already-purchased commercial tools into their locally deployed SWAMP-in-a-Box instance.

Organizations need only to acquire a license for the commercial tools supported by SiB or use an existing license that they have acquired. The result is hassle-free continuous assessments with the tools of their choice. “Bring Your Own License” capabilities further the SWAMP’s goal of offering a one-stop continuous assurance resource for developers throughout the software development life cycle.

“We continuously receive requests from organizations who deploy SiB to add support for additional tools,” says Miron Livny, SWAMP director and chief technology officer. “In close collaboration with vendors, we work to integrate new commercial tools while maintaining the tool-neutrality of our platform. Our goal is to make the software assurance process simpler and more effective for all parties involved in the software assurance eco-system.”

While hundreds of software assurance tools are available to the development community, the SWAMP is working to maximize its impact by forging partnerships with industry-leading tool providers. Partnerships have been established with vendors such as Parasoft, Synopsys, GrammaTech, and PRQA. The SWAMP is actively seeking new partnerships with software assurance and security tool providers in both the commercial and open-source sectors.

“The vendors provide the state of the art assurance tools; we make the tools easy to run by making them a natural part of the programmer’s workflow and helping with the best configuration settings for each,” says Bart Miller, University of Wisconsin-Madison computer scientist and chief scientist for the SWAMP. “We not only help save time, but our continuous assurance platform will also help users get the maximum benefit out of their tools by doing all the configuration work up-front.”

Whether it be small businesses or individual developers, SiB gives organizations peace of mind that the tools are properly installed, maintained, and have the latest upgrades.

The SiB continuous assurance platform is freely available. It can be easily deployed, configured on local hardware, and placed behind a firewall. This allows all assessments to be run locally or with no outside connections, increasing privacy and security for organizations with sensitive and proprietary materials.

To learn more about integrating licensed software tools with SWAMP-in-a-Box, join a free webinar on Thursday, March 8 hosted by Parasoft. This webinar will provide a case-study overview of the SWAMP’s partnership with Parasoft.

Vendors interested in partnering with the SWAMP project may contact Project Manager Irene Landrum at 608-316-4114 or ilandrum@morgridge.org. Developers interested in learning more about SiB can visit: https://continuousassurance.org/swamp-in-a-box/.

ABOUT THE SWAMP

The Software Assurance Marketplace is a joint effort of four research institutions – The Morgridge Institute for Research, Indiana University, the University of Illinois at Urbana-Champaign, and the University of Wisconsin-Madison – to advance the capabilities and to increase the adoption of software assurance technologies through open continuous assurance capabilities and a shared facility. The SWAMP project is funded by the Department of Homeland Security Science & Technology Directorate. Services include access to high throughput computing capacity, over 30 software assurance tools, and a library of more than 280 open-source code samples with known vulnerabilities to help developers improve the quality of their static and dynamic testing tools. For more information, visit https://continuousassurance.org.

###

Contact:
Irene Landrum
Morgridge Institute for Research
608-316-4114
ilandrum@morgridge.org

 

Press Release

Frequently Asked Questions, Answered

SWAMP FAQ
“What is the SWAMP?”

“What is SWAMP-in-a-Box?”

“How does SWAMP fit into my current development process?”

“What is continuous software assurance?”

“Which programming languages and operating systems are supported?”

“What kind of static analysis code tools can be used in the SWAMP?”

 

For answers to these questions and more, check out the SWAMP’s Frequently Asked Questions page, also available as a PDF for download!

 

« Older Entries Recent Entries »