Category Archives: Uncategorized

Upcoming SWAMP Events

The next few months are going to be busy for the SWAMP team. Check out what we’re going to be up to, and meet up with us if you can!

More information about these and other events will be shared on the SWAMP’s home page and social media, so check back often!

Parasoft Tools Supported in SWAMP-in-a-Box

Version 10.3 of Parasoft‘s C/C++test and Jtest tools are now supported as tool add-ons in SWAMP-in-a-Box (SiB), providing SWAMP users with secure, local access to Parasoft’s mature static analysis security solution inside their own network. With Parasoft support, SWAMP-in-a-Box now provides expanded access to preconfigured static analysis rulesets, including CWE Top 25, CERT, MISRA, and UL-2900.

“This is an important next step in our partnership with Parasoft to advance the adoption of Continuous Assurance,” says Miron Livny, SWAMP Director and Chief Technology Officer. “Organizations that deploy their customized instances of SWAMP-in-a-Box will benefit from easy and managed access to the evolving capabilities offered by Parasoft’s software testing solutions.”

“We’re very excited to be supporting SWAMP-in-a-Box. Parasoft was the first commercial static analysis tool available in the SWAMP, and it’s great to see the SiB feature give greater access to SWAMP capabilities by allowing users to keep analysis and code on premises,” said Arthur Hicken, Evangelist at Parasoft.

To learn more about Parasoft and SiB, join the upcoming webinar on March 8, 2018 at 1pm Eastern (12pm Central), or contact Parasoft at

Read the full article

Outcomes from Software Security Discussions in “Dark Reading”

Information Week Dark Reading LogoThe SWAMP, along with several other companies and universities, participated in a recent exploratory working group focused on shaping the future of software security. The goal was to “create a very succinct and concrete plan of real-world actions that are executable today for a more resilient software world.” Four working group sessions, led by industry experts, discussed gaps in assurance tool technologies, labeling software with assurance levels to improve the software supply chain, creating a more orthogonal encyclopedia of software weaknesses than CWEs, and mobility app security threats. Read the full article on Dark Reading for the detailed talking points and takeaways.