WEBVTT 1 00:00:00.000 --> 00:00:00.000 In today's world, software powers the Internet of Things, 2 00:00:00.000 --> 00:00:00.000 lots of things, things that make our lives better, easier, 3 00:00:00.000 --> 00:00:00.000 more interesting, less stressful. 4 00:00:00.000 --> 00:00:00.000 But more and more software means much more coding, 5 00:00:00.000 --> 00:00:00.000 and if not properly developed and tested, 6 00:00:00.000 --> 00:00:00.000 code could have weaknesses that become vulnerabilities. 7 00:00:00.000 --> 00:00:00.000 Every day we see and feel the results of bad code 8 00:00:00.000 --> 00:00:00.000 and the problem's getting worse. 9 00:00:00.000 --> 00:00:00.000 In 2014, the National Vulnerability Database 10 00:00:00.000 --> 00:00:00.000 recorded over 7900 vulnerabilities, 11 00:00:00.000 --> 00:00:00.000 nearly 8000 reasons why we have a problem. 12 00:00:00.000 --> 00:00:00.000 Static analysis tools are 20 years behind 13 00:00:00.000 --> 00:00:00.000 the evolution of software. 14 00:00:00.000 --> 00:00:00.000 Size and complexity make it harder 15 00:00:00.000 --> 00:00:00.000 to find potential weaknesses. 16 00:00:00.000 --> 00:00:00.000 The popularity of dynamic programming languages 17 00:00:00.000 --> 00:00:00.000 introduces new challenges, 18 00:00:00.000 --> 00:00:00.000 and most tools each identify 19 00:00:00.000 --> 00:00:00.000 less than 20% of potential weaknesses. 20 00:00:00.000 --> 00:00:00.000 What's a developer to do? 21 00:00:00.000 --> 00:00:00.000 Fortunately, there's SWAMP, 22 00:00:00.000 --> 00:00:00.000 a simple solution to a hard problem. 23 00:00:00.000 --> 00:00:00.000 It's the go-to site to test code, 24 00:00:00.000 --> 00:00:00.000 equipped with a uniquely dynamic suite 25 00:00:00.000 --> 00:00:00.000 of software assurance tools to provide comprehensive, 26 00:00:00.000 --> 00:00:00.000 effective, and secure software assurance. 27 00:00:00.000 --> 00:00:00.000 SWAMP has more than 400 software packages 28 00:00:00.000 --> 00:00:00.000 and test cases to help improve tools. 29 00:00:00.000 --> 00:00:00.000 It's easy to find, easy to use, and absolutely free 30 00:00:00.000 --> 00:00:00.000 to the entire software development community. 31 00:00:00.000 --> 00:00:00.000 Send us your code or binary, and we'll send you a report. 32 00:00:00.000 --> 00:00:00.000 Fix any issues, send it again. 33 00:00:00.000 --> 00:00:00.000 SWAMP can process 34 00:00:00.000 --> 00:00:00.000 over 275 million lines of code each day, every day. 35 00:00:00.000 --> 00:00:00.000 A fast, powerful assessment, 36 00:00:00.000 --> 00:00:00.000 compatible with your existing tools 37 00:00:00.000 --> 00:00:00.000 and open 24/7. 38 00:00:00.000 --> 00:00:00.000 Here's how it works. 39 00:00:00.000 --> 00:00:00.000 First, register and get an account. 40 00:00:00.000 --> 00:00:00.000 Create a project. 41 00:00:00.000 --> 00:00:00.000 Upload your software. 42 00:00:00.000 --> 00:00:00.000 Start building assessments. 43 00:00:00.000 --> 00:00:00.000 View results. 44 00:00:00.000 --> 00:00:00.000 SWAMP: honored as best academic public sector project 45 00:00:00.000 --> 00:00:00.000 of the year. 46 00:00:00.000 --> 00:00:00.000 Constantly evolving 47 00:00:00.000 --> 00:00:00.000 and always adding new tools and capabilities. 48 00:00:00.000 --> 00:00:00.000 A virtual ecosystem of error detection, 49 00:00:00.000 --> 00:00:00.000 dramatically reducing false positives 50 00:00:00.000 --> 00:00:00.000 and delivering trusted performance. 51 00:00:00.000 --> 00:00:00.000 With SWAMP, 52 00:00:00.000 --> 00:00:00.000 there's no reason not to provide software assurance. 53 00:00:00.000 --> 00:00:00.000 So BYOC; we'll do the rest. 54 00:00:00.000 --> 00:00:00.000 DHS S&T Cyber Security Division: Securing your cyber future.