JFrog Xray is a universal component analysis product that works with Artifactory to analyze software components, and reveal a variety of issues at any stage of the software application lifecycle. By scanning binary components and their metadata, recursively going through dependencies at any level, JFrog Xray provides unprecedented visibility into issues lurking in components anywhere in your organization. Xray’s interface with Artifactory gives it the exclusive advantage of combining any number of data feeds with the exhaustive metadata stored within Artifactory to detect different issues without needing access to source code.
How Does It Work?
Xray performs its analyses by connecting to an instance of Artifactory. Once connected, Xray can index the artifacts and metadata in Artifactory’s repositories to efficiently access them for Scanning or Impact Analysis.
JFrog Xray is the only product that takes a dual approach to protecting you against issues using a unique combination of methods
Deep Recursive Scanning
JFrog Xray scans components in your system, recursively drilling down to analyze even the smallest binary component that affects your software.
JFrog Xray continuously scans and analyzes existing components, even those long since deployed to production, and provides alerts and notifications for just-discovered vulnerabilities.
Through its REST API, Xray is open to any number of vulnerability providers.