Software Assurance Marketplace (SWAMP)


In today’s world, software powers the Internet of Things, lots of things, things that make our lives better, easier, more interesting, less stressful. But more and more software means much more coding, and if not properly developed and tested, code could have weaknesses that become vulnerabilities. Every day we see and feel the results of bad code and the problem’s getting worse. In 2014, the National Vulnerability Database recorded over 7900 vulnerabilities, nearly 8000 reasons why we have a problem.

Static analysis tools are 20 years behind the evolution of software. Size and complexity make it harder to find potential weaknesses. The popularity of dynamic programming languages introduces new challenges, and most tools each identify less than 20% of potential weaknesses. What’s a developer to do?

Fortunately, there’s SWAMP, a simple solution to a hard problem. It’s the go-to site to test code, equipped with a uniquely dynamic suite of software assurance tools to provide comprehensive, effective, and secure software assurance. SWAMP has more than 400 software packages and test cases to help improve tools. It’s easy to find, easy to use, and absolutely free to the entire software development community. Send us your code or binary, and we’ll send you a report. Fix any issues, send it again. SWAMP can process over 275 million lines of code each day, every day. A fast, powerful assessment, compatible with your existing tools and open 24/7.

Here’s how it works. First, register and get an account. Create a project. Upload your software. Start building assessments. View results.

SWAMP: honored as best academic public sector project of the year. Constantly evolving and always adding new tools and capabilities. A virtual ecosystem of error detection, dramatically reducing false positives and delivering trusted performance. With SWAMP, there’s no reason not to provide software assurance. So BYOC; we’ll do the rest.

DHS S&T Cyber Security Division: Securing your cyber future.
