OWASP & SWAMP (Software Assurance Marketplace)
You may have heard the recent announcement of a strategic partnership between OWASP and the DHS-sponsored Software Assurance Marketplace (SWAMP). The SWAMP is an evolving national resource for software assurance, and its partnership with OWASP will be valuable to both organizations. You can learn about this growing relationship at https://www.owasp.org/index.php/SWAMP_OWASP.
Secure Decisions, a division of Applied Visions, is a local research and development firm with strong ties to the DHS Science and Technology directorate, and has direct involvement in the SWAMP. Ken Prole, Hassan Radwan, and Anita D’Amico will be presenting an overview of the SWAMP, including its architecture, its history, and a brief demonstration of its capabilities. Come prepared for a lively discussion on the value and challenges of the SWAMP and how those impact OWASP and the larger application security community.
Ken Prole is the primary architect for software assurance at Secure Decisions, and is responsible for guiding the division’s research and development efforts. He has been a close collaborator with the SWAMP team since its inception, and is responsible for the technology used by the SWAMP to present its findings to users. Ken is a frequent contributor to the software assurance community, including presentations at the Software Assurance Forum.
Hassan Radwan leads the development of software assurance tools and technologies at Secure Decisions. He has also participated in the evolution of the SWAMP, and is project leader of the OWASP Code Pulse project, a tool that provides insight into the real-time code coverage of black box testing activities (https://www.owasp.org/index.php/OWASP_Code_Pulse_Project), which he presented at the OWASP NYC meeting in June. Hassan is the primary maintainer of the free CWEvis.org site for exploring the Common Weakness Enumeration, which he presented at AppSec 2013.
Anita D’Amico is director of Secure Decisions. She is responsible for all of the division’s activities and research, and for maintaining and growing the relationship with DHS and with the SWAMP team at the Morgridge Institute for Research. Dr. D’Amico is an expert in human factors, has published widely on the topic of visual analytics for cyber security, and is a frequent presenter at industry conferences.