Omaha OWASP Dec 2016
-
Upload
andrew-freeborn -
Category
Technology
-
view
28 -
download
0
Transcript of Omaha OWASP Dec 2016
SWAMPs in the cloud and ground
Andrew Freeborn
• The SWAMP• What’s it like in the cloud?• Can I have a SWAMP in a box?• Demo!
Agenda
• Software Assurance Marketplace• https://www.mir-swamp.org/• Scans C, C++, Java, Ruby, Python, Android
apps, and more!• Checks source code for problems and gives
you a report with a variety of tools• FREE
The SWAMP
• The SWAMP in the cloud has lots of capability to scan all kinds of packages you want
• Performs decently with short wait times• You can have your application scanned on
various platforms like Red Hat, Ubuntu, etc• Lots of tools available such as gcc, Clang,
and linters
The SWAMP cloud
• Now you can have the SWAMP on-premise• https://continuousassurance.org/swamp-in-a-
box/• Minimum: 12GB RAM, 256GB HD, 4 cores• Not all tools are available, but you still get
Code Dx• You can tune the SWAMP to your specific use
cases, but then you have to manage things• Still free
SWAMP in a box
• [email protected]• https://vivirytech.blogspot.com• Twitter: @vivirytech
Thanks!