DevOps
Resources

Latest:

Malicious Packages: What They Are, and How to Protect Against Them

July 21, 2023 JFrog

6 min read

If you develop software, you probably work with software packages all day long. In addition to creating packages for your own software, you rely on packages from other sources – such as third-party repositories – to satisfy your application's dependencies, set up development environments and so on. Downloading packages is convenient, because packages and package…

Read More

FILTER BY

Creating the Ideal DevOps Tools List for Your DevOps Workflows

Creating the Ideal DevOps Tools List for Your DevOps Workflows

September 14, 2021 JFrog | 7 min read

It's often said that DevOps is a philosophy, not a specific set of tools or processes. That's true. Nonetheless, practicing the philosophy of DevOps requires tools. Those tools will vary depending on exactly which types of software you are delivering through a DevOps approach and how you are deploying it. Therefore, one organization's DevOps toolset…
Read More
What is a Software Vulnerability?

What is a Software Vulnerability?

August 29, 2021 JFrog | 8 min read

Understanding software vulnerabilities is fundamental to managing modern security threats. Whether your business depends on software created by third parties, software built by your own developers or a combination of both, the ability to detect and manage software vulnerabilities is absolutely central to keeping software secure and shifting security left. This article explains what software…
Read More
Best Practices for Package Vulnerability Scanning

Best Practices for Package Vulnerability Scanning

August 23, 2021 JFrog | 6 min read

Package security vulnerability scanning is a basic step toward securing virtually any modern software delivery pipeline. With SCA Tools, one can automatically identifying known vulnerabilities within the packages that are used to deploy applications, package scanners significantly reduce the risk of releasing insecure software into production. Securing packages, however, requires more than simply setting up…
Read More
What is a Helm Chart?

What is a Helm Chart?

August 22, 2021 JFrog | < 1 min read

Helm uses a packaging format called charts. A Helm chart is a collection of files that describe a related set of Kubernetes resources. A single chart might be used to deploy something simple, like a full web app stack with HTTP servers, databases, caches, and so on. Details: JFrog Artifactory natively supports Helm Chart repositories,…
Read More
How to Select a Managed Kubernetes Service

How to Select a Managed Kubernetes Service

August 3, 2021 JFrog | 4 min read

Many vendors offer managed Kubernetes services, which are often the easiest method of setting up and managing a Kubernetes cluster. But with so many managed Kubernetes platforms available, it can be hard to determine which one is the right fit for your team’s feature requirements and budget. This article explains how to evaluate managed Kubernetes…
Read More
How to Build and Manage Rust Packages with Cargo

How to Build and Manage Rust Packages with Cargo

August 3, 2021 JFrog | 5 min read

Rust is well-known for being a programming language that focuses on security. But another standout feature of Rust is that, unlike many other languages, it provides its very own build system and package manager, which is known as Cargo. Keep reading for a primer on how to manage Rust packages using Cargo. What is a…
Read More
Best Practices for CI/CD Security

Best Practices for CI/CD Security

August 3, 2021 JFrog | 6 min read

For organizations that have embraced DevOps, the CI/CD pipeline is the foundation of the software delivery workflow. It facilitates the continuous movement of code from development to testing to deployment, and it allows the various stakeholders in the software delivery process -- developers, test engineers, IT operations engineers and more -- to collaborate. Given the…
Read More
Best Practices for Software Bill of Materials (SBOM) Management

Best Practices for Software Bill of Materials (SBOM) Management

August 3, 2021 JFrog | 7 min read

Properly managing a Software Bill of Materials, or SBOM, has always been a best practice from a security and compliance point of view. However, it gained special urgency in May 2021, when the White House issued an executive order that requires software vendors who work with the federal government to provide SBOMs for their products.…
Read More
A Beginner’s Guide to Docker

A Beginner’s Guide to Docker

June 17, 2021 JFrog | 7 min read

Docker has rapidly emerged as the technology of choice for packaging and deploying modern distributed applications. Its name has become synonymous with containers. But what exactly is Docker, how does it work, and why should you use it? Read on and we'll explain the key concepts and features of Docker, as well as the benefits…
Read More
DevSecOps Pipeline

DevSecOps Pipeline

March 22, 2021 JFrog | 5 min read

The popularity of DevSecOps is on the rise, and for good reason. Embracing DevSecOps can help your team reduce risk, simplify compliance, and integrate security into your continuous integration/continuous delivery (CI/CD) pipelines. However, it isn't always easy knowing where to start. Understanding what a DevSecOps pipeline looks like in practice or which tools are best…
Read More

Most Popular

Leveraging Cloud Native Tools in a Hybrid…
Cloud native tools, which run in distributed environments, can be deployed in any type…
The What, Why and How of Shift-Left…
We are living in an age of cybersecurity crisis, and shift-left security is part…
Software Bill of Materials (SBOM): An Overview
How can you defend against software supply chain security risks – meaning security problems…

Follow JFrog