Abstract image of a woman sitting on books and studying on a laptop

Omaha OWASP Dec 2016

Download as PPTX, PDF
A
Andrew Freeborn

The document discusses 'The Swamp,' a software assurance marketplace that scans various programming languages for code problems and provides reports. It highlights the availability of cloud-based and on-premise solutions, with tools for scanning applications across multiple platforms. Users can customize the on-premise version, but some tools may not be available compared to the cloud version.

Technology
1 of 7
Download to read offline
1
2
3
4
5
6
7
SWAMPs in the cloud and ground Andrew Freeborn 1
• The SWAMP • What’s it like in the cloud? • Can I have a SWAMP in a box? • Demo! Agenda 2
• Software Assurance Marketplace • https://www.mir-swamp.org/ • Scans C, C++, Java, Ruby, Python, Android apps, and more! • Checks source code for problems and gives you a report with a variety of tools • FREE The SWAMP 3
• The SWAMP in the cloud has lots of capability to scan all kinds of packages you want • Performs decently with short wait times • You can have your application scanned on various platforms like Red Hat, Ubuntu, etc • Lots of tools available such as gcc, Clang, and linters The SWAMP cloud 4
• Now you can have the SWAMP on-premise • https://continuousassurance.org/swamp-in-a-box/ • Minimum: 12GB RAM, 256GB HD, 4 cores • Not all tools are available, but you still get Code Dx • You can tune the SWAMP to your specific use cases, but then you have to manage things • Still free SWAMP in a box 5
• SWAMP • https://www.mir-swamp.org DEMO 6
• vivirytech@gmail.com • https://vivirytech.blogspot.com • Twitter: @vivirytech Thanks! 7

More Related Content

PPTX
Augmented Reality For Processing
pau_figuerasr
 
PPTX
Intro to Codefresh YAML
Codefresh
 
KEY
Migrating big data
lauraxthomson
 
PDF
Hacklu2011 tricaud
stricaud
 
PPTX
Laverna vs etherpad
antitree
 
PDF
Nats.io meetup october 2015 - Community Update
Brian Flannery
 
PPTX
The Road to Kubernetes
Deniz Zoeteman
 
PPTX
Docker Security
antitree
 
Augmented Reality For Processing
pau_figuerasr
 
Intro to Codefresh YAML
Codefresh
 
Migrating big data
lauraxthomson
 
Hacklu2011 tricaud
stricaud
 
Laverna vs etherpad
antitree
 
Nats.io meetup october 2015 - Community Update
Brian Flannery
 
The Road to Kubernetes
Deniz Zoeteman
 
Docker Security
antitree
 

What's hot (19)

PPTX
Reinventing anon email
antitree
 
PDF
PyConIT 2018 Writing and deploying serverless python applications
Cesar Cardenas Desales
 
PPTX
Blue Teaming on a Budget of Zero
Kyle Bubp
 
PDF
FOSDEM 2021 - Infrastructure as Code Drift & Driftctl
Stephane Jourdan
 
PPTX
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
Shellmates
 
PDF
PDX Serverless Meetup - Self-Healing Serverless Applications
Nate Taggart
 
PPTX
Daily AWS Issues
Anton Pohorilyi
 
PDF
Web Crypto
karlvr
 
PDF
10 Things you should know about Ruby
sikachu
 
ODP
AllDayDevOps ZAP automation in CI
Simon Bennetts
 
ODP
Testing at-cloud-speed sans-app-sec-austin-2013
Matt Tesauro
 
ODP
RSYSLOG v8 improvements and how to write plugins in any language.
Rainer Gerhards
 
ODP
Open Source Monitoring Tools Shootout
tomdc
 
PPT
nanog
Tom Paseka
 
PPTX
OTP, Concurrency and Testing Strategies
Adrián Mugnolo
 
ODP
Introduction to ethereum_public
antitree
 
PPTX
Nsa and vpn
antitree
 
PDF
Sullivan white boxcrypto-baythreat-2013
Cloudflare
 
ODP
OWASP 2013 APPSEC USA ZAP Hackathon
Simon Bennetts
 
Reinventing anon email
antitree
 
PyConIT 2018 Writing and deploying serverless python applications
Cesar Cardenas Desales
 
Blue Teaming on a Budget of Zero
Kyle Bubp
 
FOSDEM 2021 - Infrastructure as Code Drift & Driftctl
Stephane Jourdan
 
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
Shellmates
 
PDX Serverless Meetup - Self-Healing Serverless Applications
Nate Taggart
 
Daily AWS Issues
Anton Pohorilyi
 
Web Crypto
karlvr
 
10 Things you should know about Ruby
sikachu
 
AllDayDevOps ZAP automation in CI
Simon Bennetts
 
Testing at-cloud-speed sans-app-sec-austin-2013
Matt Tesauro
 
RSYSLOG v8 improvements and how to write plugins in any language.
Rainer Gerhards
 
Open Source Monitoring Tools Shootout
tomdc
 
nanog
Tom Paseka
 
OTP, Concurrency and Testing Strategies
Adrián Mugnolo
 
Introduction to ethereum_public
antitree
 
Nsa and vpn
antitree
 
Sullivan white boxcrypto-baythreat-2013
Cloudflare
 
OWASP 2013 APPSEC USA ZAP Hackathon
Simon Bennetts
 
Ad

Similar to Omaha OWASP Dec 2016 (19)

PDF
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
ICS
 
KEY
Cloud Security: Ten Things
Coastal Pet Products, Inc.
 
PPTX
vBACD- July 2012 - Crash Course in Open Source Cloud Computing
CloudStack - Open Source Cloud Computing Project
 
PDF
Crash Course in Open Source Cloud Computing
Mark Hinkle
 
PDF
Crash Course on Open Source Cloud Computing
Mark Hinkle
 
PDF
Delivering Infrastructure-as-a-Service with Open Source Software
Mark Hinkle
 
PPTX
vBACD - Crash Course in Open Source Cloud Computing - 2/28
CloudStack - Open Source Cloud Computing Project
 
PPTX
Build a Cloud Day SF - Crash Course on Open Source Cloud Computing
Mark Hinkle
 
PDF
PHP Architect Virtual Cloud summit
Kirsten Hunter
 
PPTX
InfoSec 2011: Crash Course Open Source Cloud Computing
Mark Hinkle
 
ODP
Why Cloud Computing has to go the FOSS way
Ahmed Mekkawy
 
PDF
FishEye - Source Code Explore and more - Brief
Ellen Feaheny
 
PPT
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Phil Agcaoili
 
KEY
What is this cloud thing?
Andrew Eisenberg
 
PPTX
Overview: Building Open Source Cloud Computing Environments
Mark Hinkle
 
PDF
CLOUD COMPUTING: A REVIEW
IAEME Publication
 
PPTX
Linuxcon Europe 2011: Overview - Building Cloud Computing Environments
Mark Hinkle
 
PDF
Open Source Tools and the Software Engineering Process
Steve Arnold
 
PDF
Open source and cloud computing
Rishidot Research
 
Software Bill of Materials - Accelerating Your Secure Embedded Development.pdf
ICS
 
Cloud Security: Ten Things
Coastal Pet Products, Inc.
 
vBACD- July 2012 - Crash Course in Open Source Cloud Computing
CloudStack - Open Source Cloud Computing Project
 
Crash Course in Open Source Cloud Computing
Mark Hinkle
 
Crash Course on Open Source Cloud Computing
Mark Hinkle
 
Delivering Infrastructure-as-a-Service with Open Source Software
Mark Hinkle
 
vBACD - Crash Course in Open Source Cloud Computing - 2/28
CloudStack - Open Source Cloud Computing Project
 
Build a Cloud Day SF - Crash Course on Open Source Cloud Computing
Mark Hinkle
 
PHP Architect Virtual Cloud summit
Kirsten Hunter
 
InfoSec 2011: Crash Course Open Source Cloud Computing
Mark Hinkle
 
Why Cloud Computing has to go the FOSS way
Ahmed Mekkawy
 
FishEye - Source Code Explore and more - Brief
Ellen Feaheny
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Phil Agcaoili
 
What is this cloud thing?
Andrew Eisenberg
 
Overview: Building Open Source Cloud Computing Environments
Mark Hinkle
 
CLOUD COMPUTING: A REVIEW
IAEME Publication
 
Linuxcon Europe 2011: Overview - Building Cloud Computing Environments
Mark Hinkle
 
Open Source Tools and the Software Engineering Process
Steve Arnold
 
Open source and cloud computing
Rishidot Research
 
Ad

Recently uploaded (20)

PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
Abstractive summarization using multilingual text-to-text transfer transforme...
IAESIJAI
 
PDF
UiPath Agentic Automation session 1: RPA to Agents
suhanisingh58689
 
PDF
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PDF
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PDF
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
PPTX
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PDF
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
PPTX
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Abstractive summarization using multilingual text-to-text transfer transforme...
IAESIJAI
 
UiPath Agentic Automation session 1: RPA to Agents
suhanisingh58689
 
Convolutional neural network based encoder-decoder for efficient real-time ob...
IAESIJAI
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Five Habits of High-Impact Board Members
OnBoard
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
2018-HIPAA-Renewal-Training for executives
Mayank Mathur
 

Omaha OWASP Dec 2016

  • 1. SWAMPs in the cloud and ground Andrew Freeborn 1
  • 2. • The SWAMP • What’s it like in the cloud? • Can I have a SWAMP in a box? • Demo! Agenda 2
  • 3. • Software Assurance Marketplace • https://www.mir-swamp.org/ • Scans C, C++, Java, Ruby, Python, Android apps, and more! • Checks source code for problems and gives you a report with a variety of tools • FREE The SWAMP 3
  • 4. • The SWAMP in the cloud has lots of capability to scan all kinds of packages you want • Performs decently with short wait times • You can have your application scanned on various platforms like Red Hat, Ubuntu, etc • Lots of tools available such as gcc, Clang, and linters The SWAMP cloud 4
  • 5. • Now you can have the SWAMP on-premise • https://continuousassurance.org/swamp-in-a-box/ • Minimum: 12GB RAM, 256GB HD, 4 cores • Not all tools are available, but you still get Code Dx • You can tune the SWAMP to your specific use cases, but then you have to manage things • Still free SWAMP in a box 5