Presentation providing an overview of the SWAMP software assurance platform both in the cloud at https://www.mir-swamp.org/ and an overview of the SWAMP-in-a-box functionality.
2. • The SWAMP
• What’s it like in the cloud?
• Can I have a SWAMP in a box?
• Demo!
Agenda
2
3. • Software Assurance Marketplace
• https://www.mir-swamp.org/
• Scans C, C++, Java, Ruby, Python, Android
apps, and more!
• Checks source code for problems and gives you
a report with a variety of tools
• FREE
The SWAMP
3
4. • The SWAMP in the cloud has lots of capability to
scan all kinds of packages you want
• Performs decently with short wait times
• You can have your application scanned on
various platforms like Red Hat, Ubuntu, etc
• Lots of tools available such as gcc, Clang, and
linters
The SWAMP cloud
4
5. • Now you can have the SWAMP on-premise
• https://continuousassurance.org/swamp-in-a-box/
• Minimum: 12GB RAM, 256GB HD, 4 cores
• Not all tools are available, but you still get Code Dx
• You can tune the SWAMP to your specific use
cases, but then you have to manage things
• Still free
SWAMP in a box
5