Home

USER MANUAL - Software Assurance Marketplace

1. swamp1999 lt Sign Out Q Details Sharing LeanToo Package Versions The following versions of this software package are available ft Home 2 My account Version Description Date 1 0 A contact manager for professional networking 10 18 13 x PROJECTS OWN Lean In Add Version Add new project PACKAGES OWN Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP 2 From the Add New Version screen complete the fields on the form Name Name of the Software Package Version Revision of the uploaded software Build script File to upload to SWAMP Version 20140122 Page 32 of 63 Source path A required field and is the name of the top level directory that is produced when the archive file is unarchived Package type This tells whether or not to invoke the build system to build the software from source code From the dropdown menu choose C C Java source code or Java byte code Build system Name of the system to use to build the software For C C Make Make Configure CMake Make or other may be used For Java source Ant Ant lvy or Maven could be chosen This is an optional field Advanced settings Configure path The name of the directory relative to package dir to change before running the configure command and is used only with C C packages This is an optional field Con
2. OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research a SWAMP 2 On the My Profile screen select Delete Account Version 20140122 Page 14 of 63 Delete My Account Are you sure that you would like to delete your user account When you delete an account all of the user data will continue to be retained 3 You will receive a prompt asking you to confirm the deletion Select OK to delete your account or Cancel to cancel your request Version 20140122 Page 15 of 63 Requesting Project Ownership In an effort to ensure cybersecurity users must Project Ownership status Follow the steps below to become an approved Project Owner Once approved you may create projects and invite others to join your Project Project Members can create Assessment Runs schedule Run Requests and view Assessment Results You only need to request ownership of a project once Request Sent You will be notified when ownership privileges are granted Requesting a New Project In an effort to ensure cybersecurity users must request approval for their SWAMP Projects Follow the steps below to request a Project Once approved you may invite others to join your Project Project Members can create Assessment Runs schedule Run Requests and view Assessment Results You only need to request ownership of a project once After your initial project has been approved you can create addit
3. SOFTWARE ASSURANCE MARKETPLACE USER MANUAL 317 274 3942 Web continuousassurance org App mir swamp org Twitter swampteam Technical Support The SWAMP offers 24 7 support 365 days a year Following is contact information for the SWAMP Dial 317 274 3942 24 7 365 Email To create a support ticket go to TECHNICA Suppor E A 1 PR CTAGCG cia iace tauesratecsadacscenuatnieett E E 3 Introduction to the Software Assurance Marketplace SWAMP 3 Accessing the SWAMP erorcen a aa ae 4 Registering with the SWAMP nsoni ialthavasdenraasiciinstenscaduanedeaueaunssaebtaseneneunneiacentetaetachaeths 4 Password Reg irementS niir ineei aaia aa aaa aAa Eaa a Aasaa AENEA ENED 6 Forgotten Username Password s sssssssssussusnnnnnnnnnnnunnunnnunnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nunnan nannan 8 Signing in to th SWAMP siseiscescccdrt ieena a aaora aai 10 Update Y r SWAMP Accounts aa 11 Change Your PassWord aniisi iaaa a aada Ea eaaa 12 Deleting Your SWAMP Account snssssnnsanunonnnnunnnnnannnnunnnnnnannnnnannnnnannani nonnen nanmanna nnan ea 14 Requesting Project Ownership ssssssssnsnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnne 16 REQUESTING a NEW PrOjOCl riisi aa apaa a 16 Inviting Members to Your Project sssssssssnssunsnunnnnnnnnnnnnnnunnnunnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nannaa 21 Adding Your Software Package to the SWAMP cccecesseeseeeseeneeeeeeee
4. 63 3 On the Add New Tool screen complete the fields on the form and select Submit Name Name of the Assessment Tool File File to upload to SWAMP Version Revision of the uploaded Assessment Tool Tool path The path to invoke the Assessment Tool Deployment command The command to install the Assessment Tool Description public Description of the Assessment Tool to those who have access to it Description private Private description and comments for the Owner of the Assessment Tool swamp1999 lt Sign Out Add New Tool Name CWE_Inspectors File Choose File No file chosen ft Home 2 My account Version PROJECTS OWN Tool path fm Lean In Deployment command Add new project Invocation command PACKAGES OWN o SPR LeanToo Description public Add new package TOOLS OWN CWE_Inspectors Add new tool Description private v Submit x Cancel Fields are required Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ee SWAMP Version 20140122 Page 57 of 63 Deleting a Tool 1 To delete an Assessment Tool from the left pane on any screen under TOOLS I OWN select an Assessment Tool to delete SWAMP swamp1999 lt Sign Out Recent Events 2 My account PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Cop
5. A process that affirms software functions as intended free from vulnerabilities intentionally or unintentionally inserted into the code This is achieved through continuous assessments Execution Record Displays statistics about the scheduled Assessment Run Owner A User who owns a Project Assessment Tool and or Software Package Platform The operating system environment in which an Assessment Run occurs Project A person or group of people working together for a common purpose for example to create better assessment tools and or to mitigate weaknesses in software Packages Project Member A person who has accepted an invitation to join a SWAMP project Project Members are able to create Assessment Runs schedule Run Request and view Assessment Results Run Request A request to execute one or more Assessment Runs as soon as possible after the requested time Project Members can schedule Run Requests to occur daily weekly or monthly Members can schedule Run Requests that are a combination of daily weekly or monthly times Software Package A software component or system used by others User A person granted permission to belong to the Software Assurance Marketplace A SWAMP user must be a member of a project to use Assessment Tools Platforms and view Assessment Results Version 20140122 Page 62 of 63 Table 1 Compatibility of Platforms and Tools FindBugs Cppcheck Gee Clang Static Analyzer Platforms a Red
6. Description public A text description of the package that is visible to any user of the package Description private A text description of the package that is only visible to the owner of the project Delete a Software Package 1 To delete a Software Package navigate to the Package Versions screen Select the X next to the version you wish to delete swamp1999 lt Sign Out Q Details Sharing LeanToo Package Versions The following versions of this software package are available ft Home 2 My account Version Description Date 1 0 A contact manager for professional networking 10 18 18 Add Version PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ie SWAMP Version 20140122 Page 34 of 63 2 You will receive a prompt asking you to confirm the deletion Select OK to delete or Cancel to cancel your request Delete Package Version x Are you sure that you want to delete version 1 0 of LeanToo Contact Manager Ok Cancel Version 20140122 Page 35 of 63 Software Package Sharing Private Public or Protected You can share your Software Packages in one of three modes e Private e Public e Protected Private Only the Project Owner can see Software Packages Public Every SWAMP user can see Software Packa
7. Morgridge Institute for Research 3 SWAMP Managing Assessment Tools A SWAMP user may upload Assessment Tool s he she has developed and then test the Assessment Tool against publically available Software Packages or personally uploaded Software Packages Adding Assessment Tools 1 From left pane on any screen select Add New Tool 2 Complete the fields on the form Name Name of the Assessment Tool File File to upload to SWAMP Version Revision of the uploaded Assessment Tool Tool path The path to the Assessment Tool executable Deployment command The command used to install the Assessment Tool Description public Description of the Assessment Tool to those who have access to it Description private Private description and comments for the Owner of the Assessment Tool Version 20140122 Page 51 of 63 3 Select Submit to upload your Assessment Tool You will receive a notification once the upload is complete SWAMP swamp1999 lt Sign Out Add New Tool Name File Choose File no file selected ft Home 2 My account Version PROJECTS OWN Tool path PATHS Lean in Deployment command COMMANDS Add new project Invocation command Add new package COMMENTS Description public Add new tool Description private v Submit x Cancel Fields are required Version 20140122 Page 52 of 63 Editing an Assessment Tool If you need to rename an Assessment Tool you may do so
8. TOO ssssssssusssunnnnnnunnnunnnunnnunnnunnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn 55 DGICUNG a TOO lessi Ea N 58 Assessment Tool Sharing Private Public or Protected cccseeeeee 60 Protected Assessment TOONS sisieiristusieeivescisivaaasaavncusersassavsadsseradcuvanssnabavdaccvsseuosisasusidcnisarnaeindensins 61 io kin 9 ee neo ee eee a ete Ree ene eee rene eece ere 62 Version 20140122 Page 2 of 63 Preface This document guides selected users to successfully use the Software Assurance Marketplace SWAMP The SWAMP is state of the art software designed to serve as an open resource for software developers assurance tool developers and researchers who wish to perform continuous assurance CSwA testing in a safe secure environment The SWAMP is funded by the Department of Homeland Security and directed by academic experts in high throughput computing identity management and security from the following organizations the Morgridge Institute for Research the National Center for Supercomputing Applications at the University of Illinois at Champagne Urbana the Center for Applied Cybersecurity Research at Indiana University and the University of Wisconsin Madison Introduction to the Software Assurance Marketplace SWAMP The SWAMP is a national no cost resource for software assurance SwA technologies used across research institutions non governmental organizations and civilian agencies and their communities as both a resea
9. a build system other than the ones listed above has to be used Other from the build system menu has to be selected and a build command to execute the package needs to be provided This is optional and is used only C C packages Build options Name of the options and arguments to pass to the build command Only for C C Java source packages This is an optional field Build target The name of the file to be created by the build process This target is passed to the build command It is used only with C C Java source This is an optional field Description public A text description of the package that is visible to any user of the package Description private A text description of the package that is only visible to the owner of the project Version 20140122 Page 26 of 63 3 Select Submit to upload your Software Package You will receive a notification once the upload is complete swamp1999 lt Sign Out Add New Package amo rroo E O File Choose File LeanT00_4 0 1_MacX86_OSX dmg v ft Home Lean In ne O bopioyaom command O Balld command is O Description public LeanToo is a professional networking utility to manage contacts Add new project Add new package Description private Open source version of Linkedin Fields are required Version 20140122 Page 27 of 63 Itorvalds lt Sign Out Version 1 0 ft Home 2 My Account Packa
10. access to the Software Package you wish to give Project Members 4 Select Save Note You do not have to be a Project Owner to upload a Package to the SWAMP Version 20140122 Page 37 of 63 Protected This package fs shared with members of the following projects Name Affiliation o Lean In Networking software Morgridge Institute of Research Managing Assessment Runs After an Assessment Run has been schedule the Assessment Run will proceed through three states listed below 1 Scheduled The Scheduled state happens after you create a Run Request for the Assessment Run 2 Running The scheduled Run Request is executing the specified Assessment Run 3 Done The scheduled Run Request has completed and Assessment Results are available Note You can view the details of each stage by selecting the current status under the Status field Add an Assessment Run 1 Select Add Assessment From each dropdown menu 1 Choose a Software Package and its version 2 Choose an Assessment Tool and its version 3 Choose a Platform and its version 2 Select Save Version 20140122 Page 38 of 63 swamp1999 lt Sign Out Q Details 2 Members Run Requests Runs Gf Results Add Lean In Assessment Package ft Home Select a package to assess Select a version 2 My account Suricata Y Latest PROJECTS OWN Select a tool to perform the assessment Select a version Add new project Findbugs v Latest PA
11. not to invoke the build system to build the software from source code From the dropdown menu choose C C Java source code or Java byte code Build system Name of the system to use to build the software For C C Make Make Configure CMake Make or other may be Version 20140122 Page 25 of 63 used For Java source Ant Ant lvy or Maven could be chosen This is an optional field Advanced settings Configure path The name of the directory relative to package dir to change before running the configure command and is used only with C C packages This is an optional field Configure command The name of a command to configure the package before building If undefined empty no command is run This is only used for C C packages This is an optional field Configure options The name of options i e the arguments to pass to the configure command and is used only with C C This is an optional field Build path It is the path to the directory related to the source path to change to before building This is an optional field and is used for C C Java Bulld file Used only with C C Java source packages It is the path to the build file related to the build path to use for the build systems except for the Other build command For a build system type Other the name of the file needs to be passed in the build options This is only used with C C Java source packages This is an optional field Build command If
12. prohibited for example Gmail Hotmail and Yahoo For the SWAMP Username field the system generates an anonymous username to protect the user s identity The user can change the default username The username may be recorded in log files For the Phone Number field the country code will be inserted when the user selects country Type the area code and the local number Password Requirements A strong password is required to complete registration and for access to the SWAMP The following are the minimum acceptable password requirements At least ten characters At least one upper case alphabetic character At least one lower case alphabetic character At least one digit Symbols are encouraged Do not use words found in the dictionary Version 20140122 Page 6 of 63 e The maximum password length is 200 characters 3 On the User Registration Form type the requested information and select Submit User Registration Form Given name Karen v PERSONAL INFO Famity mame Hicheock JO Preferred name karen O e Email address khitcheock continuousassuranceorg Confirm email address Khitchcock continuousassurance org v SWAMP username 5vamp20099 JO SWAMP password r E Confirm SWAMP password 511 Street Address 1 330NOrhard O e ADDRESS Street Address 2 City Madison 7 State WI e Postal code 53715 7 Count
13. 13 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 45 of 63 5 In the Type dropdown menu select Daily Weekly or Monthly e For Daily runs select the time e For Weekly runs select the day and time e For Monthly runs select the date and time 6 Additional run times can be added to your Run Request schedule swamp1999 lt Sign Out Q Details 2Members Assessments Runs amp Results Add Lean In Run Request Schedule ae Name Tuesdays at 8 a m o ome My account Description Run the Assessment every Tuesday at 8 a m PROJECTS OWN Run Requests Fields are required Type Day Time Add new project v Daily i o A a PACKAGES OWN Weekly Monthly Add request wv Save x Cancel LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 46 of 63 7 Select Save Run Requests Fields are required Type Time Wooky Monday B Add request wv Save Cancel 8 You will receive a confirmation message Select OK Notification This run request schedule has been saved Version 20140122 Page 47 of 63 Viewing Run Request Schedules and Results 1 View your scheduled runs on the Run Request Schedules screen SWAMP swamp1999 lt Sign Out Q Details 2 Members Assessmen
14. CKAGES OWN Platform LeanToo Select a platform to use Select a version Ubuntu Linux v Latest Add new package TOOLS OWN v Save x Cafcel CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research a SWAMP 3 You will receive a confirmation message Select OK Version 20140122 Page 39 of 63 Delete an Assessment Run 1 To delete an Assessment Run navigate to the Assessments screen Select the X to the right of the Assessment Run you wish to delete SWAMP swamp1999 lt Sign Out Q Details 2 Members Run Requests Runs amp Results Lean In Assessments The following assessments are currently defined for project Lean In Networking software ft Home 2 My account Package Tool Platform Findbugs latest Ubuntu Linux 12 04 LTS Lucid Lynx 64 bit PROJECTS OWN Add Assessment Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research 4 SWAMP 2 Select OK to confirm that you wish to delete the Assessment Run Are you sure that you want to delete this assessment of Test Package using Findbugs on Ubuntu Linux Ok x Cancel Version 20140122 Page 40 of 63 3 You will receive a confirmation that the Assessment Run has been deleted Select OK Notification This assessmen
15. Hat Enterprise Linux 6 4 32 bit Red Hat Enterprise Linux 6 4 64 bit Yes Yes Yes Yes Yes Fedora 18 64 bit Fedora 19 64 bit Ubuntu 12 04 2 64 bit Yes Yes Yes Yes Yes Debian 7 0 64 bit Scientific Linux 5 9 64 bit Scientific Linux 6 4 64 bit Yes Yes Yes Yes Yes Note It is important to select the correct Platform when running an assessment Selecting the incorrect Platfori generate false results Version 20140122 Page 63 of 63
16. Pending PACKAGES OWN Lauren Steinbeck lsteinbeck morgridgeinstitute org m LeanToo Add invitation m Send Cancel Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 10 You will receive a notification that invitations have successfully been sent to all new persons invited to join your Project Your invitations to project Lean In Networking software have been successfully sent to all recipients Adding Your Software Package to the SWAMP Version 20140122 Page 24 of 63 You may add and upload edit or delete your Software Packages A Software Package is a set of files containing related software or source code that needs to be assessed for vulnerabilities or insecurities Upload a Software Package 1 To add your own Software Package select Add New Package SWAMP swamp1999 lt Sign Out Recent Events 2 My account PROJECTS OWN Lean In Add new project Add new package Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research i SWAMP 2 Complete the fields on the form Name Name of the Software Package Version Revision of the uploaded software Build script File to upload to SWAMP Source path A required field and is the name of the top level directory that is produced when the archive file is unarchived Package type This tells whether or
17. ROJECTS OWN n Edit Tool m Delete Tool fm Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 60 of 63 Protected Assessment Tools 1 Select the radio button to choose what level of access to the Assessment Tool you wish to give Project Members 2 Select Save SWAMP swamp1999 lt Sign Out Q Details i Versions CWE_Inspectors Tool Sharing Private ft Home This tool is private and can only be seen by the tool owner 2 My account O Public This tool is public and may be seen by any SWAMP user PROJECTS OWN Protected Lean In This tool is shared with members of the following projects Add new project Affiliation J letworking software Morgridge Institute of Research PACKAGES OWN LeanToo Cancel Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 61 of 63 Glossary Assessment Run Specifies one Tool to assess one Software Package on one operating system Platform Assessment Tool An Assessment Tool analyzes a Software Package to find weaknesses that could lead to security vulnerabilities One person owns an Assessment Tool Continuous Software Assurance
18. Street address 2 City State Postal code Country Country code Area code Copyright 2014 Software Assurance Marketplace Morgridge Institute for Research Version 20140122 My Profile Karen PERSONAL INFO Hitchcock Karen Morgridge Institute for Research khitchcock continuousassurance org ACCOUNT INFO swamp20099 330 N Orchard ADDRESS Madison WI 53715 United States PHONE 608 3164226 Request Ownership ft Delete Account x Cancel g sume Page 11 of 63 3 On the Edit My Profile screen make the desired changes and select Submit SWAMP swamp20099 lt Sign Out Edit My Profile PERSONAL INFO Given name Karen Family name Hitchcock Preferred name Karen Affiliation Morgridge Institute for Research Email address khitchcock continuousassurance org ACCOUNT INFO Confirm email address khitchcock continuousassurance org Street Address 1 330 N Orchard ADDRESS Street Address 2 City Madison State WI Postal code 53715 Country United States z Country code PHONE Area code 608 Phone number 3164226 Fields are required Change Password x Cancel opyright 2014 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Change Your Password In the event you would like a new password or you feel that your current password might have become compromised at any time you have the option to change your password Ve
19. Too Package Profile Package name LeanToo ft Home Owner Sheryl Sandberg My account 2 My Friday October 18 2013 PROJECTS OWN a Edit Package ti Delete Package Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 30 of 63 3 From this screen you can change the name of the Software Package Type the revised name of the Software Package and select Save swamp1999 lt Sign Out ONEI i Versions Sharing Edit LeanToo Package Profile Ka nano Lao jo ome 2 My account x Cancel Fields are required PROJECTS OWN Lean in Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 4 You will receive confirmation of the change Select OK Package Profile Updated The package profile of LeanToo Contact Manager has been successfully updated Version 20140122 Page 31 of 63 Adding Updating or Deleting a Software Package Version View or Add a Version of a Software Package From the Versions tab you can view your Software Package or add a new version of your Software Package 1 Select the Versions tab and then select Add Version
20. Version 20140122 Page 54 of 63 Adding Updating or Deleting an Assessment Tool Version View or Add a Version of an Assessment Tool From the Tool Profile screen you can view your Assessment Tool or add a new version of your Assessment Tool Follow the steps below to add a new version of your Assessment Tool 1 Select Versions swamp1999 lt Sign Out Q Detail CWE_Inspectors Tool Profile Tool name CWE_Inspectors ft Home Owner Sheryl Sandberg My account Creation date Friday October 18 2013 PROJECTS OWN a iii Edit Tool m Delete Tool Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 55 of 63 2 On the Tool Versions screen select Add Version SWAMP swamp1999 lt Sign Out Q Details BER CRT Ta Sharing CWE_Inspectors Tool Versions The following versions of this software tool are available ft Home 2 My account Version Description Date 5 0 5 Finds common weaknesses in your Java code 10 18 13 x Add Version PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ie SWAMP Version 20140122 Page 56 of
21. different email address or login identifications will Version 20140122 Page 4 of 63 be needed for each additional user account that is created You may use the same email address and personally identifiable information in additional SWAMP user accounts that was used in your initial SWAMP user account Please note that your privacy is important to us We will not provide your personal information to other organizations Follow the steps below to register with the SWAMP Note Ifat any time SWAMP administration believes that your user account s is not being used appropriately your account will be deactivated immediately by SWAMP administration If this happens contact SWAMP at support continuousassurance org for any questions you may have to request account reactivation or to determine next steps to be able to access the SWAMP again 1 Navigate to mir swamp org Select Sign Up 2 Read and accept the Acceptable User Policy must not be used with classified data Do not upload classified data to SWAMP 4 0 Proper Acquisition and Licensing of Software All software used on SWAMP systems must have been appropriately acquired and properly licensed Possession or use of illegally copied software is prohibited Likewise users shall not duplicate copyright protected software or materials except as permitted by the owner of the copyright Some software installed on SWAMP resources may require special authorization in order to be u
22. e a scheduled Run Request select the check box to the right of the run SWAMP swamp1999 lt Sign Out Q Details Members Assessments WOLLE CIULE Runs Results Lean In Run Request Schedules The following schedules are available to project Lean In Networking software ft Home 2 My account Name Description One time Run once as soon as possible PROJECTS OWN Mondays at 8 a m Run the assessment every Monday at 8 a m x Tuesdays at 8 a m Run the Assessment every Tuesday at 8 a m Add new project PACKAGES OWN Add schedule x Cancel LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP ane Version 20140122 Page 50 of 63 4 You will be asked to confirm the deletion Select OK to delete the Run Request or Cancel to cancel your request 5 To view the Execution Record of the Assessment Run from the Runs tab under the Status field select Done MI lt Siga Out Q Details Members Assessments Run Requests Results Zeus Assessment Runs The following assessment runs are currently available for project ZeusyDoodie ft Home 2 My account Date Time Package Tool Platform Pegasus PMD Red Hat Enterprise Linux 2013 09 29 17 29 04 PROJECTS OWN 4 2 2 5 0 4 RHEL6 4 64 bit Add new project Copyright 2013 Software Assurance Marketplace
23. ername Version 20140122 Page 9 of 63 3 An email will be sent to the email address associated with your SWAMP account with your current username Signing in to the SWAMP At the Welcome to the SWAMP screen sign in If you are not yet a registered user of the SWAMP you must first register If you are registered sign in with your username and password to access the SWAMP dashboard SOFTWARE ASSURANCE MARKETPLACE Welcome to the SWAMP SWAMP Username SWAMP Password What is the SWAMP The Software Assurance Marketplace SWVAMP is a national marketplace that provides continuous software assurance capabilities to researchers and developers Let the SWAMP help you to build better safer more secure code wae inom or Sign Up Who Uses the Why Use the How to Use the ee SWAMP SWAMP SWAMP Read More Read More Read More Help forgot my password Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP Version 20140122 Page 10 of 63 Update Your SWAMP Account In the event that your personal information changes you have the ability to update your personal information in your profile at any time 1 Sign in to the SWAMP 2 From the Home screen select My Account to make changes to your account such as editing your profile Select Edit Profile SWAMP Family name Preferred name Affiliation CIZ niun SWAMP username Add New Package Street address 1
24. ersion 20140122 Page 43 of 63 Add a New Run Request 1 From the Edit Run Request Schedules screen select Add Schedule SWAMP swamp1999 lt Sign Out Q Details 2Members Assessments HOR UIE CIC Ca Runs Cf Results Lean In Run Request Schedules The following schedules are available to project Lean In Networking software ft Home One time Run once as soon as possible PROJECTS OWN Mondays at 8 a m Run the assessment every Monday at 8 a m x Add new project Add schedule x Cancel PACKAGES OWN amp LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 2 On the Define Run Request Schedule screen type a name for your schedule For example Tuesdays at 8 a m 3 Type a description For example Run the assessment every Tuesday at 8 a m 4 Select Add Request Version 20140122 Page 44 of 63 swamp1999 lt Sign Out Q Details 2Members Assessments BRCRULE TIC Ia Runs Cf Results Add Lean In Run Request Schedule ia Name Tuesdays at 8 a m v ome 2 My account Description Run the Assessment every Tuesday at 8 a m GY PROJECTS OWN Run Requests Fields are required Add new project Add request v Jave x Cancel PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 20
25. figure command The name of a command to configure the package before building If undefined empty no command is run This is only used for C C packages This is an optional field Configure options The name of options i e the arguments to pass to the configure command and is used only with C C This is an optional field Build path It is the path to the directory related to the source path to change to before building This is an optional field and is used for C C Java Bulld file Used only with C C Java source packages It is the path to the build file related to the build path to use for the build systems except for the Other build command For a build system type Other the name of the file needs to be passed in the build options This is only used with C C Java source packages This is an optional field Build command If a build system other than the ones listed above has to be used Other from the build system menu has to be selected and a build command to execute the package needs to be provided This is optional and is used only C C packages Build options Name of the options and arguments to pass to the build command Only for C C Java source packages This is an optional field Version 20140122 Page 33 of 63 Build target The name of the file to be created by the build process This target is passed to the build command It is used only with C C Java source This is an optional field
26. ge path src Package type Java source t PROJECTS OWN Z Linux BUILD SCRIPT unzip goo zi Area 51 Pe p cd src Build system PAm A JAVA SOURCE BUILD INFO Add New Project Advanced settings PACKAGES OWN Build path Blah Blah Build file Build options Blah Test Package2 Build target amp Test Package2 aT F COMMENTS Description public This is the initial release of this package Add New Package SWAMP Itorvalds lt Sign Out Package type C C PROJECTS I OWN Z Linux BUILD SCRIPT unzip goo zi jm Area 51 ES j cd src make Add New Project Build system Make A C C BUILD INFO PACKAGES I OWN Advanced settings Blah Configure path config tiiis Blah Configure command l Blah Configure options Test Package2 Build path ila Test Package2 Build file Add New Package Build command make Build options Build target Version 20140122 Page 28 of 63 Edit a Software Package 1 From the Home screen select a Software Package to edit SWAMP swamp1999 lt Sign Out Recent Events 2 My account PROJECTS OWN Lean In Add new project PACKAGES OWN TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP Version 20140122 Page 29 of 63 2 On the Package Profile screen Select Edit Package SWAMP swamp1999 lt Sign Out emt iitms i Versions CG Sharing Lean
27. ges Protected The Project Owner can choose to share Software Packages in a Project with selected Members of that Project team 1 Navigate to the Package Profile screen Select Sharing swamp1999 lt Sign Out eR CIEE i Versions Sharing LeanToo Package Profile Package name LeanToo ft Home Owner Sheryl Sandberg My account Creation date Friday October 18 2013 PROJECTS OWN s Edit Package i Delete Package Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP 2 The Package Sharing screen appears Version 20140122 Page 36 of 63 swamp1999 lt Sign Out Q Details 2 Versions Weg ruts LeanToo Package Sharing Private ft Home This package is private and can only be seen by the package owner 2 My account Public This package is public and may be seen by any SWAMP user PROJECTS OWN O Protected Lean In This package is shared with members of the following projects Add new project Name Affiliation Lean In Networking software Morgridge Institute of Research PACKAGES OWN wv Save x Cancel Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 3 Select the radio button to choose what level of
28. here If the name of an Assessment Tool is misspelled or to accommodate a new brand name you can change its spelling 1 From the left pane of any screen select an Assessment Tool to edit SWAMP swamp1999 lt Sign Out i Versions Sharing CWE_I Inspector Tool Profile Tool name CWE_Inspector ft Home Owner Sheryl Sandberg amp My account Creation date Friday October 18 2013 PROJECTS OWN Edit Tool m Delete Tool fm Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspector Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research 3 SWAMP Version 20140122 Page 53 of 63 2 On the Tool Profile screen select Edit Tool 3 From this screen you can change the name of the Assessment Tool Type the name of the Assessment Tool and select Save SWAMP swamp1999 lt Sign Out i Versions Sharing Edit CWE_Inspector Tool Profile on Name CWE_Inspectors v ome 2 My account Cancel Fields are required PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspector Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP 4 You will receive confirmation of the change Select OK Tool Profile Updated The tool profile of CWE_Inspectors has been successfully updated
29. inistrator may contact the User requesting a new Project before arriving at a decision if the information provided is insufficient or incase the administrator needs more information about the project to correctly assess before approving Project Registration Form Full name Lean In Networking software Short name alias Lean In v ft Home Eea 2 My account Affiliation Morgridge Institute of Research v Add new project IREA EFTS Fields are required v Submit x Chncel Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research Ge SWAMP 4 The Project Request Submitted confirmation message appears Select OK Version 20140122 Page 18 of 63 Project Request Submitted X Your request for a new project has been submitted but it still needs to be reviewed by SWAMP staff We will notify you via email once a decision has been reached 5 Upon approval you will receive a notification email The project vetting process may take up to 2 business days depending on the SWAMP staffs ability to contact the person requesting the project However we make every effort to process Project Requests promptly d l Find Someone SWAMP Project Lean In Networking software Accepted no reply cosalab org a amp To Sunday Septemb Sheryl Your project has been accepted on the SWAMP site 6 To view Project request status navigate to the Recent Events screen by selecting Home Ver
30. ional projects without approval from SWAMP administration 1 On the Project Request screen select Add New Project Version 20140122 Page 16 of 63 swamp1999 lt Sign Out Project Registration Form Full name Short name alias ft Home 2 My account Affiliation PROJECTS OWN Description Lean In Add new project PACKAGES OWN x Cancel Fields are required Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 2 On the Project Registration Form screen complete the following fields Full name The full name is the long version of your Projects name used in Project descriptions Short name The Project short name or alias is the short version of your Project s name and will appear in the sidebar Affiliation Please include the company university or other organization with which your Project is affiliated Assessment Results Viewer Choose the results viewer from the Description Please provide a description of your Project to help a SWAMP administrator approve your Project Version 20140122 Page 17 of 63 3 Select Submit Administrators of the SWAMP shall review the information provided in the Affiliation and Description fields to assess whether or not the information provided is appropriate and the intention of the user does not violate Acceptable Use Policy A SWAMP adm
31. lect Add Invitation SWAMP swamp1999 lt Sign Out Q Details Assessments Run Requests Runs Gf Results Lean In Project Invitations The following SWAMP users have previously been invited to project Lean In Networking software ft Home 2 My account Name Email Invitation Date Status John Hurd jhurd morgridgeinstitute org 9 29 13 Pending PROJECTS OWN Johnny Hurd jhurd continuousassurance org 9 29 13 Pending Add new project No new project invitations PACKAGES OWN a a a Add invitation m Send x Cancel LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research i SWAMP 7 Type the name and email of the person you are inviting 8 Continue to Add invitations for any others for whom you want to join your Project Individuals do not have to be registered users of the SWAMP to be invited but must register if they are going to be a part of the project 9 Select Send Version 20140122 Page 23 of 63 swamp1999 lt Sign Out Q Details Assessments Run Requests Runs amp Results Lean In Project Invitations The following SWAMP users have previously been invited to project Lean In Networking software ft Home 2 My account invitation Date Status John Hurd jhurd morgridgeinstitute org 9 29 13 Pending PROJECTS OWN Johnny Hurd jhurd continuousassurance org 9 29 13
32. llowing assessment results are currently available for project ZeusyDoodie ft Home 2 My account Date Time Package 2013 09 29 17 29 41 Pegasus 4 2 2 PMD 5 04 Red Hat Enterprise Linux RHEL64 64 bit View PROJECTS OWN Add new project Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 49 of 63 PMD 5 0 4 Report 2013 09 29 17 28 42 Summary Files Total Priority 1 Priority 2 Priority 3 Priority 4 Priority 5 497 3398 450 139 2620 594 ON home vmrun pegasus source 4 2 2 src edu isi pegasus planner parser InvocationParser Se 15 Possible God class WMC 283 ATFD 135 TCC 0 003952569 169960474 106 Private field m_ forward could be made final it is only initialized in the declaration or constructor me 112 Private field m_reverse could be made final it is only initialized in the declaration or constructor 117 Private field m coarse could be made final it is only initialized in the declaration or constructor 122 Private field m_fine could be made final it is only initialized in the declaration or constructor ES 127 Private field m _log could be made final it is only initialized in the declaration or constructor ae 172 When instantiating a SimpleDateFormat object specify a Locale 3 172 Whan inctantintina n CimnlaNatabnemat ahiant onanifir n T annla Example of detailed results from a run Delete a Scheduled Run Request 1 To delet
33. n navigate to the Welcome to the SWAMP screen and select Help I forgot my password or Help I forgot my username depending on what information you need to reset Resetting Your Password 1 Please enter your SWAMP User Name or Email Address 2 Select Reset Password 3 An email will be sent to the email address associated with your SWAMP account containing your new password 4 Once you receive this email please sign in and reset your password Version 20140122 Page 8 of 63 SOFTWARE ASSURANCE MARKETPLACE Welcome to the SWAMP SWAMP Username What is the SWAMP SWAMP Password The Software Assurance Marketplace SWVAMP is a national marketplace that provides continuous software assurance capabilities to researchers and developers Let the SWAMP help you to build better safer more secure code Who uses the Why use the How to use the SWAMP SWAMP SWAMP Read More Read More Read More Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ie SWAMP Reset Password x Please enter your SWAMP username or email address below By clicking the reset password button your password will be reset and an email will be sent to your account s email address containing your new password When you receive this email please log in and reset your password SWAMP Username Email Address Reset Password x Cancel Resetting Your Username 1 Please enter your Email Address 2 Select Request Us
34. ng systems The SWAMP protects your intellectual property and personally identifiable information You control access to your Software Packages Assessment Tools and software Assessment Results In the future the SWAMP will offer the most frequently requested Software Packages Software Assessment Tools and Platforms The SWAMP currently provides the following software assurance services 1 For software written in one of the top three programming languages 1 Java 2 C 3 C 2 For assessments using one or more most popular open source static code analysis tools Specifically 1 FindBugs On any supported Linux operating system supporting JVM 1 7 0_17 or greater 2 PMD On any supported Linux operating system supporting JVM 1 7 0_17 or greater 3 Clang Static Analyzer C C for any supported Linux operating system 4 Cppcheck C C for any supported Linux operating system 5 Gcc C compiler 3 For software that runs on one or more of these popular Platforms Operating systems Red Hat Enterprise Linux 6 4 32 bit Red Hat Enterprise Linux 6 4 64 bit Fedora 18 64 bit Fedora 19 64 bit Ubuntu 12 04 2 64 bit Debian 7 0 64 bit Scientific Linux 5 9 64 bit Scientific Linux 6 4 64 bit O DOLOT aN Accessing the SWAMP Registering with the SWAMP In order to access the SWAMP a user registration form must be submitted and will require some personally identifiable information You may have more than one SWAMP user account A
35. ons You can schedule Assessment Runs One time or On a repeated schedule Multiple runs can be scheduled simultaneously e One time A One time Run Request assesses a selected Software Package only once e Ona repeated schedule With the repeated schedule option the user could choose to schedule Assessment Runs on a regular basis like daily weekly or monthly at a time selected This feature is helpful when the user keeps editing the package regularly and wants to perform an Assessment Run with the same tool and on the same platform every time the package is modified or updated Version 20140122 Page 42 of 63 One time Runs 1 The schedule defaults to one time on the Schedule Run Request screen 2 If you want to schedule a recurrent Run Request select Edit Schedules 3 If you want to execute your Assessment Run as soon as possible select Submit SWAMP swamp1999 lt Sign Out Q Details 2Members Assessments HOR CULETTUC Ta Runs Cf Results Schedule Lean In Run Requests Select a schedule for when to execute your run requests ft Home 2 My account One time Run once as soon as possible PROJECTS OWN Mondays at 8 a m Run the assessment every Monday at 8 a m Add new project v Submit x Cancel Edit Schedules PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research 2 SWAMP V
36. rch platform and a core component in the software development life cycle It is our vision that widespread adoption of the SWAMP services will lead to a more secure and safer software ecosystem The Software Assurance Marketplace SWAMP channels the mission of the Department of Homeland Security Science and Technology Directorate s DHS S amp T Cyber Security Division by e Developing and leveraging technologies tools and techniques to defend and secure current systems to better protect critical infrastructures against attacks from our adversaries e Facilitating technology transition through a marketplace approach where a collection of innovative technologies can be harnessed by the community and e Providing a collaborative research environment by which DHS customers agencies of the U S government academia private industry and international partners can exchange technical and research ideas to help advance software security and quality improvements The SWAMP may be used without cost by open source for profit and non profit organizations to test software for vulnerabilities and or security risks The Version 20140122 Page 3 of 63 accessibility of the SWAMP allows users at all levels to engage in the software development life cycle A user can upload his her Software Package and or Assessment Tool to the SWAMP for SwA testing At launch users will have access to over 100 Software Packages on the most popular Platforms operati
37. rsion 20140122 Page 12 of 63 o_o To change your password select Change Password 2 See Password Requirements on page 6 for more information about creating a strong password 3 Type the new password and select Submit SWAMP swamp1999 lt Sign Out Change My Password New password Confirm new password v Submit x Cancel Fields are required PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP Version 20140122 Page 13 of 63 Deleting Your SWAMP Account If for any reason you would like to delete your SWAMP user account you have the option to do so By deleting your SWAMP user account you will lose access to all information within in your SWAMP user account The information will be stored in the SWAMP databases If in the future you wish to use the SWAMP again you may register for a new SWAMP user account at any time You will need to fill out the User Registration Form to create a new user account pages 4 8 For access to your user account information contact SWAMP at support continuousassurance org 1 To delete your SWAMP account from any screen select My Account swamp1999 lt Sign Out Recent Events Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS
38. ry United States z Country code Area code cos O EEE Phone number Phone number 3164226 Please include your telephone number Fields are required opyright 2014 Software Assurance Marketplace Morgridge Institute for Research SWAMP 4 After submitting the registration form you will be asked to verify your email address Select OK From Software Assurance Marketplace Do Not Reply lt do not reply mir swamp org gt Subject SWAMP User Verification Date February 3 2014 5 42 19 AM CST To Karen Hitchcock lt khitchcock continuousassurance org gt Dear Karen Hitchcock You have registered to join the SWAMP To complete the registration process click this link https Awww mir swamp org register verify email 2a199095 1445 83bf 3c21 f49b48a9675a The Software Assurance Marketplace SWAMP Version 20140122 Page 7 of 63 5 You will receive a verification email Within the email follow the instructions to verify your email address Verify Email Address Dear Karen Hitchcock You have registered to join the SWAMP To complete your registration press the button below Once you have done this you may log in and begin using the SWAMP Copyright 2014 Software Assurance Marketplace Morgridge Institute for Research 2 SWAMP 6 You have now completed the registration process and can sign in to the SWAMP Forgotten Username Password If you have forgotten your login informatio
39. s 24 Upload a Software Pack ape iveiscissivcssiassisssiasaiszasincdivanvasvivvaasateetvennsavstasiavadinatvassaavaacaivicseatvansasinss 25 Edita SORW are PACK ae icici E eed ies 29 Adding Updating or Deleting a Software Package Version 00008 32 View or Add a Version Of a Software Package sscssccsseesseeeseeeseeesseeneesssaeseneesenesseeeseeessnees 32 Delete a Software Package snina a aa aAa aa ia AAE 34 Software Package Sharing Private Public or Protected c sseseee 36 Managing Assessment RUNS ccscceeeceeeeeeeeeeeeeeeeeeseneeeeeeneeeneeeneoeesenesenesenes 38 Add an Assessment RUD ssnin 38 Delete an Assessment RUM sssrin paea araa ara AaS eaea asada aaka 40 Schedule a R n Request scission aa eee ee 41 Run Request Scheduling Options cccccceeceeeceeeeeneceneeneeeneseneceesoneseneeenes 42 One time RUN S R 43 Adda New Run Regies ossa aare aLaaa 44 Delete a Scheduled Run RCQuUe St ccccccscsssccstecesssessnscssnecssssecsscersconsssnccensecssenersncessnnesenaecsneeesnas 50 Managing Assessment TOols ccccccseeeeseeeeneeseeeeeeeeeeneeseneeeeneeneneeennesenseaeeneaes 51 Adding Assessment TOONS sssaaa ih as a i aa td es 51 Editing an Assessment TO Ol sciisscescscciice Sead iacste ca set cn resad cae catevsceeanacedsatedsnseiuadesveenyavecbawaes nananana ann 53 Adding Updating or Deleting an Assessment Tool Version 00 55 View or Add a Version Of an Assessment
40. sed Users must abide by the requirements for protecting it from misuse 5 0 Termination Access Restriction SWAMP reserves the right in its sole discretion to terminate your access to the SWAMP Web Site and the related services or any portion thereof at any time without notice Statement of Agreement By clicking I Accept it serves as acknowledgement that you have read and understand your responsibilities as a user If you have questions please contact the Help Desk at support continuousassurance org v accept Copyright 2014 Software Assurance Marketplace Morgridge Institute for Research eS SWAMP Version 20140122 Page 5 of 63 SOFTWARE ASSURANCE MARKETPLACE Welcome to the SWAMP SWAMP Username SWAMP Password What is the SWAMP The Software Assurance Marketplace SWWAMP is a national marketplace that provides continuous software assurance capabilities to researchers and developers Let the SWAMP help you to build better safer more secure code Who Uses the Why Use the How to Use the SWAMP SWAMP SWAMP Help forgot my password Read More Read More Read More Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research g SWAMP Notes All fields are required with the exception of Street Address 2 For the Email address field only email addresses from institutions are allowed to use the SWAMP For example Jack Smith morgridge org Freely available email accounts are
41. sion 20140122 Page 19 of 63 swamp1999 lt Sign Out Recent Events Project Kat Submitted Tuesday October 22 2013 Project Swamp Kat was submitted for approval 2 My account Project Gamma Rejected Tuesday October 22 2013 PROJECTS OWN Project Gamma Wave was rejected by a SWAMP administrator Lean in Project Gamma Submitted Monday October 21 2013 ee Project Gamma Wave was submitted for approval Kat 5 PAE Project Lean In Approved Monday September 30 2013 Project Lean In Networking software was approved by a SWAMP administrator PACKAGES OWN LeanToo Project Lean In Submitted Sunday September 29 2013 Add new package Project Lean In Networking software was submitted for approval TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research g SWAMP Version 20140122 Page 20 of 63 Inviting Members to Your Project Project Owners may invite others to join to their Project Invitees do not need to be current users of the SWAMP but must register with the SWAMP to become a Project Member Project Members are able to create Assessment Runs schedule Run Requests and view Assessment Results A Project Owner is automatically a Project Member 1 The Home screen lists your project under PROJECTS OWN 2 Select a Project you own 3 Select the Members tab swamp1999 lt Sign Out Q Details Assessments Run Req
42. t has been successfully deleted Schedule a Run Request 1 Select the Run Request tab and then select Add Run Requests swamp1999 lt Sign Out Q Details 2 Members Assessments Runs amp Results Lean In Assessment Run Requests The following assessment run requests are currently defined for project Lean In Networking software ft Home No run requests have been defined My account Add Run Requests Edit Schedules PROJECTS OWN Lean in Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research K SWAMP Version 20140122 Page 41 of 63 2 On the Add Run Requests screen select the checkbox in front of the Run Request you wish to schedule and then select Schedule Run Requests swamp1999 lt Sign Out Q Details Members Assessments MCR ULE TIC Ta Runs CG Results Add Lean In Run Requests Please select one or more assessments from the list below to run ft Home 2 My account Package Platform Findbugs latest Ubuntu Linux 12 04 LTS Lucid Lynx 64 bit PROJECTS OWN Lean In Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ie SWAMP Run Request Scheduling Opti
43. ts HCRUIE CIC Ta Runs CG Results Lean In Run Request Schedules The following schedules are available to project Lean In Networking software ft Home My account Name Description One time Run once as soon as possible PROJECTS OWN Mondays at 8 a m Run the assessment every Monday at 8 a m B Tuesdays at 8 a m Run the Assessment every Tuesday at 8 a m x Add new project PACKAGES OWN Add schedule x Cancel LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP 2 Select the Runs tab to view the status of an Assessment Run Version 20140122 Page 48 of 63 MI lt Sign Out Q Details 2 Members Assessments Run Reque Zeus Assessment Runs The following assessment runs are currently available for project ZeusyDoodie ft Home 2 My account Date Time Package Platform Pegasus PMD Red Hat Enterprise Linux 2013 09 29 17 29 04 D PROJECTS OWN 4 2 2 5 0 4 RHEL6 4 64 bit a Add new project Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research Ge SWAMP 3 When an Assessment Run is done select the Results tab to view the Assessment Results Under the Details column select View to see the results MJ lt Sign Out Q Details 2 Members Assessments Run Requests Runs Zeus Assessment Results The fo
44. uests Runs Results Lean In Project Profile Project full name Lean In Networking software ft Home Project short name alias Lean In My account a My Owner Sheryl Sandberg Affiliation Morgridge Institute of Research PROJECTS OWN Creation date Sunday September 29 2013 Accepted date Sunday September 29 2013 Add new project Description Lean In Networking software PACKAGES OWN Z Edit Profile i Delete Project amp LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research 2 SWAMP Version 20140122 Page 21 of 63 4 The Project Members screen appears Note SWAMP automatically lists the Project Owner s name 5 Select Invite New Members SWAMP swamp1999 lt Sign Out Q Details Assessments Run Requests Runs Cf Results Lean In Project Members The following SYVAMP users are members of project Lean In Networking software ft Home My acoount Name Email Affiliation Join Date Admin Sh Morgridge Institute f PROJECTS OWN ae jhurd morsgridgeinstitute org tailing ee x E n Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 22 of 63 6 From the Project Invitations screen se
45. yright 2013 Software Assurance Marketplace Morgridge Institute for Research amp SWAMP Version 20140122 Page 58 of 63 4 On the Tool Profile screen select Delete Tool SWAMP swamp1999 lt Sign Out i Versions Sharing CWE_Inspectors Tool Profile Tool name CWE_Inspectors ft Home Owner Sheryl Sandberg My account a My Creation date Friday October 18 2013 PROJECTS OWN Edit Toa Delete Tool Lean in Add new project PACKAGES OWN LeanToo Add new package TOOLS OWN CWE_Inspectors Add new tool Copyright 2013 Software Assurance Marketplace Morgridge Institute for Research ie SWAMP 5 You will receive a prompt asking you to confirm the deletion Select OK to delete the Assessment Tool or Cancel Version 20140122 Page 59 of 63 Assessment Tool Sharing Private Public or Protected You can share your Software Packages in one of three modes e Private e Public e Protected Private Only the Project Owner can see Assessment Tools Public Every SWAMP user can see Assessment Tools Protected The Project Owner can choose to share Assessment Tools in a Project with selected Members of that Project team Navigate to the Tool Profile screen and select Sharing swamp1999 lt Sign Out oW CIE i Versions Weg LEUL CWE_Inspectors Tool Profile Tool name CWE_Inspectors ft Home Owner Sheryl Sandberg amp My account Creation date Friday October 18 2013 P

USER MANUAL - Software Assurance Marketplace

Contents

Download Pdf Manuals

Related Search

Related Contents