The cost of remediating an issue or vulnerability is akin to the cost of fixing a bug. The later it is discovered, the more expensive it is. JFrog Xray intervenes at every stage of your artifacts’ lifecycle to make sure you are fully protected at all times.
Through continuous analysis, JFrog Xray protects your production systems, scanning your production artifacts in case new issues or vulnerabilities are found after the artifacts are deployed.
Using dedicated plugins, JFrog Xray integrates with your CI/CD server to identify issues and vulnerabilities at build time so you can avoid having infected artifacts from ever entering your production systems in the first place.
JFrog Xray’s IDE Integration takes issue and vulnerability detection to the earliest possible stages of the artifact lifecycle.
Using dedicated plugins, JFrog Xray integrates with your IDE* providing detailed issue and vulnerability information on dependencies** used in your project as you work on development.
By surfacing issue and vulnerability information this early in the artifact lifecycle, developers can make informed decisions on whether a dependency should be included in a project or not, and if necessary, find an alternative artifact at a minimal cost.
Currently IDE integration is support for IntelliJ IDEA and Maven artifacts, however, this will be extended to additional industry standard IDEs and additional package types.