Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - US Department of Homeland Security Providing Online Open Source Code Testing-> 1

Submitted by cold fjord
cold fjord (826450) writes "ZDNet reports, "At OSCon, The Department of Homeland Security (DHS) ... quietly announced that they're now offering a service for checking out your open-source code for security holes and bugs: the Software Assurance Marketplace (SWAMP). ... Patrick Beyer, SWAMP's Project Manager at Morgridge Institute for Research, the project's prime contractor, explained, "With open source's popularity, more and more government branches are using open-source code. Some are grabbing code from here, there, and everywhere." Understandably, "there's more and more concern about the safety and quality of this code. We're the one place you can go to check into the code" ... funded by a $23.4 million grant from the Department of Homeland Security Science & Technology Directorate (DHS S&T), SWAMP is designed by researchers from the Morgridge Institute, the University of Illinois-Champaign/Urbana, Indiana University, and the University of Wisconsin-Madison. Each brings broad experience in software assurance, security, open source software development, national distributed facilities and identity management to the project. ... SWAMP opened its services to the community in February of 2014 offering five open-source static analysis tools that analyze source code for possible security defects without having to execute the program. ... In addition, SWAMP hosts almost 400 open source software packages to enable tool developers to add enhancements in both the precision and scope of their tools. On top of that the SWAMP provides developers with software packages from the National Institute for Standards and Technology's (NIST) Juliet Test Suite.""
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

US Department of Homeland Security Providing Online Open Source Code Testing

Comments Filter:
  • Yes please, but with all things free take with a grain of salt.

    The DHS does have a vested interest in the internet infrastructure
    working. And also an interest in keeping it free of the worst parasitic
    software.

    It makes a lot of sense to give this service a test drive and look hard at the comments,
    terms and conditions....

    I can also think of ways to watermark my own code to make sure
    it does what and is what I intend and has not been replaced in
    some interesting perhaps criminal way.

Information is the inverse of entropy.

Working...