The next few months are going to be busy for the SWAMP team. Check out what we’re going to be up to, and meet up with us if you can!
- SWAMP will be featured in the “Web Security and Automated Assessment Tools – Theory & Practice” tutorial at the NSF Cybersecurity Summit in San Diego, CA from 9am to 1pm on Tuesday, October 15.
- The SWAMP team’s first exhibition at Developer Week Austin is happening on November 6-7 in Austin, TX. Come check us out in the Expo Hall (Booth #307) at the Palmer Events Center.
- Join us in Denver, Colorado for Supercomputing 2019, and attend the tutorial “Secure Coding Practices and Automated Assessment Tools” on Sunday, November 17 from 8:30am to 5:00pm.
- On Monday, December 9, the Internet2 2019 Technology Exchange will feature a tutorial from SWAMP’s Chief Scientist, Bart Miller, and Elisa Heyman. Check out “Securing Coding Practices & Automated Assessment Tools” from 8:30am to 4:30pm.
- The SWAMP team will be exhibiting at Developer Week San Francisco – San Francisco’s largest developer conference! Visit us at the Oakland Convention Center on February 13-14, 2020.
More information about these and other events will be shared on the SWAMP’s home page and social media, so check back often!
Updates were made to the SWAMP today at mir-swamp.org.
- Updated the Ubuntu 16.04 platform, including newer Java build systems natively installed
- Assessments that fail due to network failures will now be re-tried automatically
- Performance improvements
- General enhancements and bug fixes
Please let us know if you have any questions at firstname.lastname@example.org.
Version 10.3 of Parasoft‘s C/C++test and Jtest tools are now supported as tool add-ons in SWAMP-in-a-Box (SiB), providing SWAMP users with secure, local access to Parasoft’s mature static analysis security solution inside their own network. With Parasoft support, SWAMP-in-a-Box now provides expanded access to preconfigured static analysis rulesets, including CWE Top 25, CERT, MISRA, and UL-2900.
“This is an important next step in our partnership with Parasoft to advance the adoption of Continuous Assurance,” says Miron Livny, SWAMP Director and Chief Technology Officer. “Organizations that deploy their customized instances of SWAMP-in-a-Box will benefit from easy and managed access to the evolving capabilities offered by Parasoft’s software testing solutions.”
“We’re very excited to be supporting SWAMP-in-a-Box. Parasoft was the first commercial static analysis tool available in the SWAMP, and it’s great to see the SiB feature give greater access to SWAMP capabilities by allowing users to keep analysis and code on premises,” said Arthur Hicken, Evangelist at Parasoft.
To learn more about Parasoft and SiB, join the upcoming webinar on March 8, 2018 at 1pm Eastern (12pm Central), or contact Parasoft at email@example.com.
Read the full article
The SWAMP, along with several other companies and universities, participated in a recent exploratory working group focused on shaping the future of software security. The goal was to “create a very succinct and concrete plan of real-world actions that are executable today for a more resilient software world.” Four working group sessions, led by industry experts, discussed gaps in assurance tool technologies, labeling software with assurance levels to improve the software supply chain, creating a more orthogonal encyclopedia of software weaknesses than CWEs, and mobility app security threats. Read the full article on Dark Reading for the detailed talking points and takeaways.