The Software Assurance Marketplace (SWAMP) provides continuous software assurance capabilities to developers and researchers. For users that need or prefer to run software assurance tools on their own computing infrastructure, the SWAMP offers a standalone software application called “SWAMP-in-a-Box” (SiB). The SiB package can be deployed on your own servers if you have higher security or compliance requirements for your software, or, being open-source, when you want to customize the software. SWAMP-in-a-Box is now available as an open beta, downloadable from GitHub.

• GitHub: https://github.com/mirswamp/deployment
• Download server: https://platform.swampinabox.org/siab-latest-release/
• Support: sib@continuousassurance.org
• Documentation: Administrator Manual & Reference Manual
• Release notes: Blog
• Plug-ins: https://github.com/mirswamp/

SWAMP-in-a-Box user community

• Mailing list: swampinabox@lists.discovery.wisc.edu
• Sign up: https://lists.cosalab.org/mailman/listinfo/swampinabox

System Requirements Operating System CentOS 7 Hardware Requirements* Minimum: 16 GB RAM, 256 GB disk, 4 cores Recommended: 64 GB RAM, 1 TB disk, 8 cores Support for KVM virtualization

Benefits of SWAMP-in-a-Box Keep your code private and secure Run on an isolated network or intranet Flexibility to configure your own SWAMP Same open-source tools and plug-ins as mir-swamp.org “Bring your own license” for commercial tools View results using CodeDx Compare results from multiple tools

*Minimum requirements support 2 simultaneous VMs (1 assessment VM and 1 results viewer VM). Recommended requirements support multiple simultaneous assessment VMs.

If you are installing SWAMP-in-a-Box in a virtual machine, the hypervisor must support and be configured for nested virtualization, because SWAMP-in-a-Box itself uses virtual machines to perform assessments of packages and to run the results viewer.

 

Press Release – 13 October 2016