Welcome to the JFrog Blog

All Blogs

Introducing Support for Hex Packages

Introducing Support for Hex Packages

JFrog has always prioritized universality, ensuring software development teams have true freedom of choice. Core to the JFrog Platform, JFrog Artifactory is the world’s most versatile artifact manager, natively supporting nearly 40 package types. After taking in valuable feedback from the developer community, we’re thrilled to discuss how we’re further expanding our universe with the…
Building Cloud Excellence: How JFrog Supports the AWS Well-Architected Framework

Building Cloud Excellence: How JFrog Supports the AWS Well-Architected Framework

In today’s hybrid infrastructure landscape, migrating applications to the cloud unlocks significant financial and technological benefits. Whether internal or external, these applications require robust, efficient infrastructure. Cloud providers like Amazon Web Services (AWS), Google Cloud, and Microsoft Azure offer frameworks to help organizations build better systems. AWS Well-Architected helps cloud architects design secure, high-performing, resilient,…
JFrog’s Release Lifecycle Promotion vs. Build Promotion

JFrog’s Release Lifecycle Promotion vs. Build Promotion

We here at JFrog have long advocated for promoting - never rebuilding - release candidates as they advance across the stages of your SDLC. For many JFrog customers, that meant using JFrog’s “Build Promotion” capabilities. Now you can level up your CI/CD game with promotions using Release Lifecycle Management (RLM)! In this article we’ll show…
JFrog Simplifies Compliance with India’s new CERT SBOM Guidelines

JFrog Simplifies Compliance with India’s new CERT SBOM Guidelines

Overview The Indian Computer Emergency Response Team (CERT-In) is the national agency responsible for addressing cybersecurity incidents in India. Established in 2004 and operating under the Ministry of Electronics and Information Technology (MeitY), CERT-In is dedicated to enhancing the security of India's digital infrastructure. The organization plays a vital role in preventing, detecting, and responding…
Everything You Need to Know About Evil Proxy Attacks and MFA Bypass

Everything You Need to Know About Evil Proxy Attacks and MFA Bypass

Attackers use a malicious proxy server to intercept, monitor, and manipulate communication between a client and a legitimate server, often to steal credentials, session tokens, or other sensitive information. Some services provide "Phishing-as-a-Service" (PhaaS), offering attackers ready-made tools and infrastructure to conduct phishing campaigns. These services simplify the process of deceiving individuals into providing sensitive…
JFrog Achieves ISO/IEC 27001:2022

JFrog Achieves ISO/IEC 27001:2022

As part of JFrog's mission to continuously develop and uphold the highest industry standards in cyber security, we are excited to announce that we have successfully upgraded our ISO certification to the latest version, ISO/IEC 27001:2022. This achievement reinforces our dedication to protecting your data with the high standards of cyber and information security. Understanding…
NIS2 Compliance in 2025: Compliance Doesn’t Have to Mean Complexity

NIS2 Compliance in 2025: Compliance Doesn’t Have to Mean Complexity

The Network and Information Systems Directive 2 (NIS2) is the European Union’s effort to fortify cybersecurity across critical industries and services. Building on the original NIS Directive, NIS2 has broadened its scope, introduced stricter requirements, and placed greater emphasis on supply chain security. Now that the October 2024 transposition deadline has passed, organizations must focus…
Top JFrog Security Research Discoveries of 2024

Top JFrog Security Research Discoveries of 2024

In our previous round-up of security research for 2023,  we mentioned our surprise at the large volume of 29,000 vulnerabilities that were reported two years ago.  But that didn’t prepare us for the astounding 40% increase, reported by Cyber Press, resulting in over 40,000 CVEs that were published over the past year in 2024. That…
The Power of Evidence Collection and Release Lifecycle Management

The Power of Evidence Collection and Release Lifecycle Management

The speed of today’s software development lifecycle is only getting faster. However, the complexity of today’s pipelines make it hard to track and manage the processes software releases must go through. With increasing regulatory pressures, ensuring and proving your software has gone through the necessary quality controls is no longer nice to have – it…
MLOps Your Way with the JFrog Platform

MLOps Your Way with the JFrog Platform

Just like in traditional software development, creating AI applications isn't a one size fits all approach. However, many of the challenges and concerns facing AI/ML development teams share common threads - difficulties getting models to production, tangled infrastructure, data quality, security issues, and so on. Regardless of how you build it, to accelerate production-ready AI,…