Baruch Sadogursky

Baruch Sadogursky

Baruch Sadogursky (a.k.a JBaruch) is the Head of DevOps Advocacy and a Developer Advocate at JFrog. His passion is speaking about technology. Well, speaking in general, but doing it about technology makes him look smart, and more than 20 years of hi-tech experience sure helps. When he’s not on stage (or on a plane to get there), he learns about technology, people and how they work, or more precisely, don’t work together.

He is a co-author of the Liquid Software book, a CNCF ambassador and a passionate conference speaker on DevOps, DevSecOps, digital transformation, containers and cloud-native, artifact management and other topics, and is a regular at the industry’s most prestigious events including KubeCon, DockerCon, Devoxx, DevOps Days, OSCON, Qcon, JavaOne and many others. You can see some of his talks at jfrog.com/shownotes

The Latest From Baruch Sadogursky

  • Going Beyond Exclude Patterns: Safe Repositories With Priority Resolution

    | 6 min read

    You probably remember the Namespace Shadowing a.k.a. “Dependency Confusion” attack that was in the news a couple of weeks ago. I blogged back then about the Exclude Patterns feature of JFrog Artifactory which we’ve had forever and was always intended to protect you against those kinds of attacks. Since the topic was in the news,…

    Read More  
  • Java Artifacts Just Got Better: jpackage is Production Ready in Java 16

    | 5 min read

    TL;DR JDK (Java Development Kit) 14 added an incubating feature to the Java toolkit – the ability to pack a self-contained Java application. The newly released Java 16 takes it to production, and you are going to learn all about it. If you shudder thinking about compilation for different platforms, I know the feeling. One…

    Read More  
  • Yet Another Case for Using Exclude Patterns in Remote Repositories: Namespace Shadowing (a.k.a. “Dependency Confusion”) Attack

    | 8 min read

    Update: June 1, 2021. You asked, we delivered! Even easier protection against dependency confusion attacks! Read more -- Going Beyond Exclude Patterns: Safe Repositories With Priority Resolution. TL;DR The npm Registry is vulnerable to supply chain namespace shadowing, also known as "Dependency Confusion" attacks. Make sure you create npm scoped packages and force exclude patterns. Long-time…

    Read More  
  • The DevOps Community Unites to Fight COVID-19

    | 5 min read

    We are fortunate in the software industry that while COVID-19 can force us to shelter-in-place, it cannot stop software from being deployed. On June 24th and July 1st, thousands of developers and DevOps experts came together in the first-ever virtual swampUP event to learn about software delivery and help in the fight against COVID-19. As…

    Read More