Forgot your password?
typodupeerror

+ - US Department of Homeland Security Providing Online Open Source Code Testing-> 1

Submitted by cold fjord
cold fjord (826450) writes "ZDNet reports, "At OSCon, The Department of Homeland Security (DHS) ... quietly announced that they're now offering a service for checking out your open-source code for security holes and bugs: the Software Assurance Marketplace (SWAMP). ... Patrick Beyer, SWAMP's Project Manager at Morgridge Institute for Research, the project's prime contractor, explained, "With open source's popularity, more and more government branches are using open-source code. Some are grabbing code from here, there, and everywhere." Understandably, "there's more and more concern about the safety and quality of this code. We're the one place you can go to check into the code" ... funded by a $23.4 million grant from the Department of Homeland Security Science & Technology Directorate (DHS S&T), SWAMP is designed by researchers from the Morgridge Institute, the University of Illinois-Champaign/Urbana, Indiana University, and the University of Wisconsin-Madison. Each brings broad experience in software assurance, security, open source software development, national distributed facilities and identity management to the project. ... SWAMP opened its services to the community in February of 2014 offering five open-source static analysis tools that analyze source code for possible security defects without having to execute the program. ... In addition, SWAMP hosts almost 400 open source software packages to enable tool developers to add enhancements in both the precision and scope of their tools. On top of that the SWAMP provides developers with software packages from the National Institute for Standards and Technology's (NIST) Juliet Test Suite.""
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

US Department of Homeland Security Providing Online Open Source Code Testing

Comments Filter:
  • Yes please, but with all things free take with a grain of salt.

    The DHS does have a vested interest in the internet infrastructure
    working. And also an interest in keeping it free of the worst parasitic
    software.

    It makes a lot of sense to give this service a test drive and look hard at the comments,
    terms and conditions....

    I can also think of ways to watermark my own code to make sure
    it does what and is what I intend and has not been replaced in
    some interesting perhaps criminal way.

I have not yet begun to byte!

Working...